Fix for potential deferencing of null pointer in o2i_SCT_signature

Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/crypto/ct/ct_oct.c b/crypto/ct/ct_oct.c
index 6b6a6a7bc7865221431f4d48d8e1ddd1916afc5c..73fc61df2b1468738433da66856f2ce37bd02ba8 100644 (file)
--- a/crypto/ct/ct_oct.c
+++ b/crypto/ct/ct_oct.c
@@ -98,7 +98,7 @@ int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
 {
     size_t siglen;
     size_t len_remaining = len;
-    const unsigned char *p = *in;
+    const unsigned char *p;
 
     if (sct->version != SCT_VERSION_V1) {
         CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_UNSUPPORTED_VERSION);
@@ -116,6 +116,7 @@ int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
         return -1;
     }
 
+    p = *in;
     /* Get hash and signature algorithm */
     sct->hash_alg = *p++;
     sct->sig_alg = *p++;