projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
148176c
)
Crypto/evp: Fix null pointer dereference
author
yuanjungong
<yuanjungong96@gmail.com>
Thu, 7 Apr 2022 04:35:59 +0000
(12:35 +0800)
committer
Pauli
<pauli@openssl.org>
Mon, 11 Apr 2022 04:13:57 +0000
(14:13 +1000)
Check the return value of EVP_KDF_fetch to avoid a potential
null pointer dereference.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18062)
crypto/evp/p5_crpt2.c
patch
|
blob
|
history
diff --git
a/crypto/evp/p5_crpt2.c
b/crypto/evp/p5_crpt2.c
index 7088875fe1fea9439ee5c248b14b1227d2dd42f9..4c82241f377d781dbbb55bb18d9e0e9d967f2128 100644
(file)
--- a/
crypto/evp/p5_crpt2.c
+++ b/
crypto/evp/p5_crpt2.c
@@
-42,6
+42,8
@@
int ossl_pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen,
salt = (unsigned char *)empty;
kdf = EVP_KDF_fetch(libctx, OSSL_KDF_NAME_PBKDF2, propq);
+ if (kdf == NULL)
+ return 0;
kctx = EVP_KDF_CTX_new(kdf);
EVP_KDF_free(kdf);
if (kctx == NULL)