projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7ceb770) | patch
Add check for xor_get_aid()
authorJiasheng Jiang <jiasheng@purdue.edu>
Wed, 6 Mar 2024 16:08:06 +0000 (16:08 +0000)
committerTomas Mraz <tomas@openssl.org>
Tue, 12 Mar 2024 18:32:32 +0000 (19:32 +0100)
commitbc930bed20d7462afecbb9d947286a335975c04a
tree293eac859232234d1e66252d999b786cf1f1669btree | snapshot
parent7ceb770883d5bbb60868df46a699dff928f865aacommit | diff
Add check for xor_get_aid()

Add check for the return value of xor_get_aid() in order to avoid NULL pointer deference.

For example, "algor" could be NULL if the allocation of X509_ALGOR_new() fails. As a result, i2d_X509_ALGOR() will return 0 and "ctx->aid" will be an invalid value NULL.

Fixes: f4ed6eed2c ("SSL_set1_groups_list(): Fix memory corruption with 40 groups and more")
Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23764)
test/tls-provider.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.