From 47c9a1b5096be684c18335137284f0dfcefd12d6 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 7 Oct 2015 13:28:46 +0100
Subject: [PATCH] embed support for ASN1_STRING

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 crypto/asn1/asn1_lib.c |  3 ++-
 crypto/asn1/tasn_new.c | 20 ++++++++++++++------
 include/openssl/asn1.h |  2 ++
 3 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index 3b366449a9..12248dbf78 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -363,7 +363,8 @@ void ASN1_STRING_free(ASN1_STRING *a)
         return;
     if (!(a->flags & ASN1_STRING_FLAG_NDEF))
         OPENSSL_free(a->data);
-    OPENSSL_free(a);
+    if (!(a->flags & ASN1_STRING_FLAG_EMBED))
+        OPENSSL_free(a);
 }
 
 void ASN1_STRING_clear_free(ASN1_STRING *a)
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index 13db8676fc..33a8e97442 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -67,7 +67,8 @@
 
 static int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
                                int embed);
-static int asn1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static int asn1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
+                              int embed);
 static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
 static int asn1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
 static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
@@ -120,12 +121,12 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
         if (it->templates) {
             if (!asn1_template_new(pval, it->templates))
                 goto memerr;
-        } else if (!asn1_primitive_new(pval, it))
+        } else if (!asn1_primitive_new(pval, it, embed))
             goto memerr;
         break;
 
     case ASN1_ITYPE_MSTRING:
-        if (!asn1_primitive_new(pval, it))
+        if (!asn1_primitive_new(pval, it, embed))
             goto memerr;
         break;
 
@@ -305,7 +306,8 @@ static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
  * all the old functions.
  */
 
-static int asn1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int asn1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
+                              int embed)
 {
     ASN1_TYPE *typ;
     ASN1_STRING *str;
@@ -347,10 +349,16 @@ static int asn1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
         break;
 
     default:
-        str = ASN1_STRING_type_new(utype);
+        if (embed) {
+            str = *(ASN1_STRING **)pval;
+            memset(str, 0, sizeof(*str));
+            str->flags = ASN1_STRING_FLAG_EMBED;
+        } else {
+            str = ASN1_STRING_type_new(utype);
+            *pval = (ASN1_VALUE *)str;
+        }
         if (it->itype == ASN1_ITYPE_MSTRING && str)
             str->flags |= ASN1_STRING_FLAG_MSTRING;
-        *pval = (ASN1_VALUE *)str;
         break;
     }
     if (*pval)
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index 2405bd68d1..076886974f 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -179,6 +179,8 @@ DECLARE_STACK_OF(X509_ALGOR)
  * type.
  */
 # define ASN1_STRING_FLAG_MSTRING 0x040
+/* String is embedded and only content should be freed */
+# define ASN1_STRING_FLAG_EMBED 0x080
 /* This is the base type that holds just about everything :-) */
 struct asn1_string_st {
     int length;