RT4002: check for NULL cipher in p12_crpt.c
authorEmilia Kasper <emilia@openssl.org>
Tue, 1 Sep 2015 12:56:58 +0000 (14:56 +0200)
committerEmilia Kasper <emilia@openssl.org>
Tue, 1 Sep 2015 18:03:04 +0000 (20:03 +0200)
The NULL cipher case can't actually happen because we have no
EVP_PBE_CTL combinations where cipher_nid is -1 and keygen is
PKCS12_PBE_keyivgen. But make the code more obviously correct.

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 394f7b6fcc38132b8ccff0a3253b9dd15640cfc0)

crypto/pkcs12/p12_crpt.c

index 3a166e6130036573e0bcf1b74cb26790132773ae..9c2dcab02463298ab6e6cfd147630ed51ab2cf79 100644 (file)
@@ -77,6 +77,9 @@ int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
     const unsigned char *pbuf;
     unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
 
+    if (cipher == NULL)
+        return 0;
+
     /* Extract useful info from parameter */
     if (param == NULL || param->type != V_ASN1_SEQUENCE ||
         param->value.sequence == NULL) {