ensure the pointer is valid before using it

diff --git a/apps/ts.c b/apps/ts.c
index 0083f9a1e14b069422af814a1afb3b317c971546..f0923360a7bfbd7978fd86bd2f795cf6744a2f80 100644 (file)
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -1041,6 +1041,8 @@ static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
                if (!(request = d2i_TS_REQ_bio(input, NULL))) goto err;
                if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL))) goto err;
                }
+       else
+               return NULL;
 
        /* Add the signature verification flag and arguments. */
        ctx->flags |= TS_VFY_SIGNATURE;

diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index b79685ee42318faf69b6c588fb16a546a9056ba2..5a3c3d1d2e353e0c3e8497489e3be030978bcd0b 100644 (file)
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -732,6 +732,8 @@ int test_mont(BIO *bp, BN_CTX *ctx)
        BN_init(&n);
 
        mont=BN_MONT_CTX_new();
+       if (mont == NULL)
+               return 0;
 
        BN_bntest_rand(&a,100,0,0); /**/
        BN_bntest_rand(&b,100,0,0); /**/

diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index 30b64984561378448ac2a06a354b2b6e4b70b260..0c8e636fdf6a76f895abe52c7b0c125669d632e9 100644 (file)
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -466,18 +466,21 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
        if (!result)
                {
                TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
-               TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
-                                                "Error during response "
-                                                "generation.");
-               /* Check if the status info was set. */
-               if (ctx->response
-                   && ASN1_INTEGER_get(
-                           TS_RESP_get_status_info(ctx->response)->status)
-                   == TS_STATUS_GRANTED)
+               if (ctx != NULL)
                        {
-                       /* Status info wasn't set, don't return a response. */
-                       TS_RESP_free(ctx->response);
-                       ctx->response = NULL;
+                       TS_RESP_CTX_set_status_info_cond(ctx,
+                               TS_STATUS_REJECTION, "Error during response "
+                               "generation.");
+                       /* Check if the status info was set. */
+                       if (ctx->response && ASN1_INTEGER_get(
+                           TS_RESP_get_status_info(ctx->response)->status)
+                           == TS_STATUS_GRANTED)
+                               {
+                               /* Status info wasn't set, don't
+                                * return a response. */
+                               TS_RESP_free(ctx->response);
+                               ctx->response = NULL;
+                               }
                        }
                }
        response = ctx->response;
@@ -567,13 +570,18 @@ static int TS_RESP_check_request(TS_RESP_CTX *ctx)
        return 1;
        }
 
-/* Returns the TSA policy based on the rqeuested and acceptable policies. */
+/* Returns the TSA policy based on the requested and acceptable policies. */
 static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx)
        {
        ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
        ASN1_OBJECT *policy = NULL;
        int i;
 
+       if (ctx->default_policy == NULL)
+               {
+               TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
+               return NULL;
+               }
        /* Return the default policy if none is requested or the default is
           requested. */
        if (!requested || !OBJ_cmp(requested, ctx->default_policy))