commit 17ebf85abda18c3875b1ba6670fe7b393bc1f297
author Dr. Stephen Henson <steve@openssl.org> Tue Aug 16 14:06:48 2016 +0100
committer Dr. Stephen Henson <steve@openssl.org> Tue Aug 16 16:05:35 2016 +0100
tree 224f98559daf13f77b4526df0a24a3ab1675f685
parent 1940aa6e6b51147df10a5bffcaaa2b9904209184

Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data().

Deprecate the function ASN1_STRING_data() and replace with a new function
ASN1_STRING_get0_data() which returns a constant pointer. Update library
to use new function.

Reviewed-by: Rich Salz <rsalz@openssl.org>

apps/apps.c

diff --git a/apps/apps.c b/apps/apps.c
index 746f565..17a9fdc 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1938,7 +1938,7 @@
         gen = sk_GENERAL_NAME_value(gens, i);
         uri = GENERAL_NAME_get0_value(gen, &gtype);
         if (gtype == GEN_URI && ASN1_STRING_length(uri) > 6) {
-            char *uptr = (char *)ASN1_STRING_data(uri);
+            const char *uptr = (const char *)ASN1_STRING_get0_data(uri);
             if (strncmp(uptr, "http://", 7) == 0)
                 return uptr;
         }
@@ -2581,3 +2581,17 @@
     return _kbhit();
 }
 #endif
+
+/* Corrupt a signature by modifying final byte */
+int corrupt_signature(ASN1_STRING *signature)
+{
+        unsigned char *s;
+        size_t slen = ASN1_STRING_length(signature);
+
+        s = OPENSSL_memdup(ASN1_STRING_get0_data(signature), slen);
+        if (s == NULL)
+            return 0;
+        s[slen - 1] ^= 0x1;
+        ASN1_STRING_set0(signature, s, slen);
+        return 1;
+}