projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Don't try and verify signatures if key is NULL (CVE-2013-0166)
[openssl.git]
/
crypto
/
asn1
/
a_verify.c
diff --git
a/crypto/asn1/a_verify.c
b/crypto/asn1/a_verify.c
index da3efaaf8de524d0aea44ed505182109076a164f..7ded69b170f665825ee1d58135c12862c756f5f2 100644
(file)
--- a/
crypto/asn1/a_verify.c
+++ b/
crypto/asn1/a_verify.c
@@
-138,6
+138,12
@@
int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
unsigned char *buf_in=NULL;
int ret= -1,i,inl;
+ if (!pkey)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
+ return -1;
+ }
+
EVP_MD_CTX_init(&ctx);
i=OBJ_obj2nid(a->algorithm);
type=EVP_get_digestbyname(OBJ_nid2sn(i));