Check PKCS#8 pkey field is valid before cleansing.

author Dr. Stephen Henson <steve@openssl.org>

Sun, 1 Feb 2015 13:06:32 +0000 (13:06 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Tue, 3 Feb 2015 13:58:14 +0000 (13:58 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Sun, 1 Feb 2015 13:06:32 +0000 (13:06 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Tue, 3 Feb 2015 13:58:14 +0000 (13:58 +0000)
diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c

index 90754831f2ab74da17c69303a8ea3d86b664eb39..0a425cd29d13118d43046f6add1ee27db35e7981 100644 (file)
--- a/crypto/asn1/p8_pkey.c
+++ b/crypto/asn1/p8_pkey.c
@@ -69,7 +69,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
      /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
      if (operation == ASN1_OP_FREE_PRE) {
          PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
-        if (key->pkey->value.octet_string)
+        if (key->pkey && key->pkey->type == V_ASN1_OCTET_STRING
+            && key->pkey->value.octet_string != NULL)
              OPENSSL_cleanse(key->pkey->value.octet_string->data,
                              key->pkey->value.octet_string->length);
      }
author	Dr. Stephen Henson <steve@openssl.org>
	Sun, 1 Feb 2015 13:06:32 +0000 (13:06 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Tue, 3 Feb 2015 13:58:14 +0000 (13:58 +0000)