evp: make all _is_a functions accept and handle a NULL argument

Makes life easier for callers.

Fixes Coverity 1503326

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18799)

diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 89381f11c7aae60ec9399d45bbdc4dc39421947e..32482b733f85ac78947a0ee584bc2e60287270b5 100644 (file)
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -683,6 +683,8 @@ int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx)
 
 int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
 {
+    if (cipher == NULL)
+        return 0;
     if (cipher->prov != NULL)
         return evp_is_a(cipher->prov, cipher->name_id, NULL, name);
     return evp_is_a(NULL, 0, EVP_CIPHER_get0_name(cipher), name);
@@ -737,6 +739,8 @@ int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher)
 
 int EVP_MD_is_a(const EVP_MD *md, const char *name)
 {
+    if (md == NULL)
+        return 0;
     if (md->prov != NULL)
         return evp_is_a(md->prov, md->name_id, NULL, name);
     return evp_is_a(NULL, 0, EVP_MD_get0_name(md), name);

diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index 0db755e06b40efda2cfda174e747a4143e608fa0..e92108abb156912a71e5622c98eea9fb047652d4 100644 (file)
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -305,7 +305,7 @@ const char *EVP_RAND_get0_description(const EVP_RAND *rand)
 
 int EVP_RAND_is_a(const EVP_RAND *rand, const char *name)
 {
-    return evp_is_a(rand->prov, rand->name_id, NULL, name);
+    return rand != NULL && evp_is_a(rand->prov, rand->name_id, NULL, name);
 }
 
 const OSSL_PROVIDER *EVP_RAND_get0_provider(const EVP_RAND *rand)

diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 4d5f8adbcade8a9d2d62da44c5a9240ef5f8d0b0..e80ec566ddb45c2aad2213ce97a4bf68b5d7ba9d 100644 (file)
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -556,7 +556,8 @@ const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch)
 
 int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name)
 {
-    return evp_is_a(keyexch->prov, keyexch->name_id, NULL, name);
+    return keyexch != NULL
+           && evp_is_a(keyexch->prov, keyexch->name_id, NULL, name);
 }
 
 void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,

diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
index 8177626ae0627df7ee627ac45b41a1f40e3148ff..5b53d9822c9a15d97b7ab2a3246db8ade9a6f154 100644 (file)
--- a/crypto/evp/kdf_lib.c
+++ b/crypto/evp/kdf_lib.c
@@ -97,7 +97,7 @@ const char *EVP_KDF_get0_description(const EVP_KDF *kdf)
 
 int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name)
 {
-    return evp_is_a(kdf->prov, kdf->name_id, NULL, name);
+    return kdf != NULL && evp_is_a(kdf->prov, kdf->name_id, NULL, name);
 }
 
 const OSSL_PROVIDER *EVP_KDF_get0_provider(const EVP_KDF *kdf)

diff --git a/crypto/evp/kem.c b/crypto/evp/kem.c
index 7594888b97d13bfcf32643deed3777b07b2e1f45..bd28ede7aeb8911a401a0d725bee7fb58cb09969 100644 (file)
--- a/crypto/evp/kem.c
+++ b/crypto/evp/kem.c
@@ -421,7 +421,7 @@ EVP_KEM *evp_kem_fetch_from_prov(OSSL_PROVIDER *prov, const char *algorithm,
 
 int EVP_KEM_is_a(const EVP_KEM *kem, const char *name)
 {
-    return evp_is_a(kem->prov, kem->name_id, NULL, name);
+    return kem != NULL && evp_is_a(kem->prov, kem->name_id, NULL, name);
 }
 
 int evp_kem_get_number(const EVP_KEM *kem)

diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c
index cbc61682a8d18a5435ae2483e9c32845271599f9..9440eadd78a144c5f1f06fd326cbe0f0cf9a1e64 100644 (file)
--- a/crypto/evp/keymgmt_meth.c
+++ b/crypto/evp/keymgmt_meth.c
@@ -269,7 +269,8 @@ const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt)
 
 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name)
 {
-    return evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
+    return keymgmt != NULL
+           && evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
 }
 
 void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,

diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index 24fdb35c8efc530bbce9f2fab032a5a92d029d3d..a49c10322035f545d57dea8eae5723b8f9aa66df 100644 (file)
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -226,7 +226,7 @@ const char *EVP_MAC_get0_description(const EVP_MAC *mac)
 
 int EVP_MAC_is_a(const EVP_MAC *mac, const char *name)
 {
-    return evp_is_a(mac->prov, mac->name_id, NULL, name);
+    return mac != NULL && evp_is_a(mac->prov, mac->name_id, NULL, name);
 }
 
 int EVP_MAC_names_do_all(const EVP_MAC *mac,

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index aef63128f95b4a4a8aefb95f4a2ac90a7f84dd60..170cb89cb05f9c2941a28bbc6a5971699109c79c 100644 (file)
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1039,11 +1039,10 @@ const char *evp_pkey_type2name(int type)
 
 int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name)
 {
-    if (pkey->keymgmt == NULL) {
-        int type = evp_pkey_name2type(name);
-
-        return pkey->type == type;
-    }
+    if (pkey == NULL)
+        return 0;
+    if (pkey->keymgmt == NULL)
+        return pkey->type == evp_pkey_name2type(name);
     return EVP_KEYMGMT_is_a(pkey->keymgmt, name);
 }
 

diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 49f40c8cec241a58b2caa9347375956e2d42cc9f..c9871668ad506ca72de66ab5d58041f0f6968f0e 100644 (file)
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -327,7 +327,8 @@ EVP_SIGNATURE *evp_signature_fetch_from_prov(OSSL_PROVIDER *prov,
 
 int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name)
 {
-    return evp_is_a(signature->prov, signature->name_id, NULL, name);
+    return signature != NULL
+           && evp_is_a(signature->prov, signature->name_id, NULL, name);
 }
 
 int evp_signature_get_number(const EVP_SIGNATURE *signature)