projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Don't try and verify signatures if key is NULL (CVE-2013-0166)
[openssl.git] / crypto / asn1 / a_verify.c
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index da3efaaf8de524d0aea44ed505182109076a164f..7ded69b170f665825ee1d58135c12862c756f5f2 100644 (file)
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -138,6 +138,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
        unsigned char *buf_in=NULL;
        int ret= -1,i,inl;
 
+       if (!pkey)
+               {
+               ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
+               return -1;
+               }
+
        EVP_MD_CTX_init(&ctx);
        i=OBJ_obj2nid(a->algorithm);
        type=EVP_get_digestbyname(OBJ_nid2sn(i));
Unnamed repository; edit this file 'description' to name the repository.