===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/openssl/ca.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- src/usr.bin/openssl/ca.c	2015/09/11 14:30:23	1.12
+++ src/usr.bin/openssl/ca.c	2015/09/11 18:07:06	1.13
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.12 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: ca.c,v 1.13 2015/09/11 18:07:06 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1779,7 +1779,8 @@
 	if (!X509_set_version(ret, 2))
 		goto err;
 #endif
-
+	if (ci->serialNumber == NULL)
+		goto err;
 	if (BN_to_ASN1_INTEGER(serial, ci->serialNumber) == NULL)
 		goto err;
 	if (selfsign) {
@@ -1929,6 +1930,11 @@
 
 	tm = X509_get_notAfter(ret);
 	row[DB_exp_date] = malloc(tm->length + 1);
+	if (row[DB_exp_date] == NULL) {
+		BIO_printf(bio_err, "Memory allocation failure\n");
+		goto err;
+	}
+
 	memcpy(row[DB_exp_date], tm->data, tm->length);
 	row[DB_exp_date][tm->length] = '\0';
 
@@ -1938,8 +1944,8 @@
 	row[DB_file] = malloc(8);
 	row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
 
-	if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
-	    (row[DB_file] == NULL) || (row[DB_name] == NULL)) {
+	if ((row[DB_type] == NULL) || (row[DB_file] == NULL) ||
+	    (row[DB_name] == NULL)) {
 		BIO_printf(bio_err, "Memory allocation failure\n");
 		goto err;
 	}
@@ -2177,6 +2183,10 @@
 
 		tm = X509_get_notAfter(x509);
 		row[DB_exp_date] = malloc(tm->length + 1);
+		if (row[DB_exp_date] == NULL) {
+			BIO_printf(bio_err, "Memory allocation failure\n");
+			goto err;
+		}
 		memcpy(row[DB_exp_date], tm->data, tm->length);
 		row[DB_exp_date][tm->length] = '\0';
 
@@ -2187,8 +2197,7 @@
 
 		/* row[DB_name] done already */
 
-		if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
-		    (row[DB_file] == NULL)) {
+		if ((row[DB_type] == NULL) || (row[DB_file] == NULL)) {
 			BIO_printf(bio_err, "Memory allocation failure\n");
 			goto err;
 		}