Fix NULL deref in apps/pkcs7
authorRich Salz <rsalz@openssl.org>
Mon, 25 Apr 2016 12:56:54 +0000 (08:56 -0400)
committerRich Salz <rsalz@openssl.org>
Mon, 25 Apr 2016 15:44:24 +0000 (11:44 -0400)
Thanks to Brian Carpenter for finding and reporting this.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
apps/pkcs7.c

index ad8330d..a2c1c6d 100644 (file)
@@ -222,12 +222,16 @@ int pkcs7_main(int argc, char **argv)
         i = OBJ_obj2nid(p7->type);
         switch (i) {
         case NID_pkcs7_signed:
-            certs = p7->d.sign->cert;
-            crls = p7->d.sign->crl;
+            if (p7->d.sign != NULL) {
+                certs = p7->d.sign->cert;
+                crls = p7->d.sign->crl;
+            }
             break;
         case NID_pkcs7_signedAndEnveloped:
-            certs = p7->d.signed_and_enveloped->cert;
-            crls = p7->d.signed_and_enveloped->crl;
+            if (p7->d.signed_and_enveloped != NULL) {
+                certs = p7->d.signed_and_enveloped->cert;
+                crls = p7->d.signed_and_enveloped->crl;
+            }
             break;
         default:
             break;