From 2747d73c1466c487daf64a1234b6fe2e8a62ac75 Mon Sep 17 00:00:00 2001
From: Kurt Roeckx <kurt@roeckx.be>
Date: Sat, 24 Jan 2015 14:46:50 +0100
Subject: [PATCH] Fix segfault with empty fields as last in the config.

Reviewed-by: Tim Hudson <tjh@openssl.org>
---
 crypto/asn1/asn1_gen.c  | 5 +++++
 crypto/engine/eng_fat.c | 2 ++
 ssl/ssl_conf.c          | 2 ++
 ssl/t1_lib.c            | 4 ++++
 4 files changed, 13 insertions(+)

diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c
index 9ef89f6121..87066e8374 100644
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -279,6 +279,9 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
 
     int tmp_tag, tmp_class;
 
+    if (elem == NULL)
+        return 0;
+
     for (i = 0, p = elem; i < len; p++, i++) {
         /* Look for the ':' in name value pairs */
         if (*p == ':') {
@@ -805,6 +808,8 @@ static int mask_cb(const char *elem, int len, void *arg)
 {
     unsigned long *pmask = arg, tmpmask;
     int tag;
+    if (elem == NULL)
+        return 0;
     if (len == 3 && !strncmp(elem, "DIR", 3)) {
         *pmask |= B_ASN1_DIRECTORYSTRING;
         return 1;
diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c
index bcb4c446b2..4279dd94b1 100644
--- a/crypto/engine/eng_fat.c
+++ b/crypto/engine/eng_fat.c
@@ -103,6 +103,8 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags)
 static int int_def_cb(const char *alg, int len, void *arg)
 {
     unsigned int *pflags = arg;
+    if (alg == NULL)
+        return 0;
     if (!strncmp(alg, "ALL", len))
         *pflags |= ENGINE_METHOD_ALL;
     else if (!strncmp(alg, "RSA", len))
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index af88a475b8..354f218cee 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -167,6 +167,8 @@ static int ssl_set_option_list(const char *elem, int len, void *usr)
      * len == -1 indicates not being called in list context, just for single
      * command line switches, so don't allow +, -.
      */
+    if (elem == NULL)
+        return 0;
     if (len != -1) {
         if (*elem == '+') {
             elem++;
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 8fb26a4c8d..115aab5596 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -596,6 +596,8 @@ static int nid_cb(const char *elem, int len, void *arg)
     size_t i;
     int nid;
     char etmp[20];
+    if (elem == NULL)
+        return 0;
     if (narg->nidcnt == MAX_CURVELIST)
         return 0;
     if (len > (int)(sizeof(etmp) - 1))
@@ -4001,6 +4003,8 @@ static int sig_cb(const char *elem, int len, void *arg)
     size_t i;
     char etmp[20], *p;
     int sig_alg, hash_alg;
+    if (elem == NULL)
+        return 0;
     if (sarg->sigalgcnt == MAX_SIGALGLEN)
         return 0;
     if (len > (int)(sizeof(etmp) - 1))
-- 
2.34.1