Fix segfault in openssl x509 -modulus
author Christian Heimes <christian@python.org>
Thu, 24 Jun 2021 15:47:30 +0000 (17:47 +0200)
committer Pauli <pauli@openssl.org>
Sat, 26 Jun 2021 01:40:34 +0000 (11:40 +1000)
The command ``openssl x509 -noout -modulus -in cert.pem`` used to segfault
sometimes because an uninitialized variable was passed to
``BN_lebin2bn``. The bug triggered an assertion in bn_expand_internal().

Fixes: https://github.com/openssl/openssl/issues/15899
Signed-off-by: Christian Heimes <christian@python.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15900)

apps/x509.c

index b68530fb2251b14e78a1985ac4d12c4c2127b2cf..e9a45e4d8f73c45c7a345fd5e17183bf738c01fc 100644 (file)
@@ -943,7 +943,7 @@ int x509_main(int argc, char **argv)
         } else if (i == modulus) {
             BIO_printf(out, "Modulus=");
             if (EVP_PKEY_is_a(pkey, "RSA")) {
-                BIGNUM *n;
+                BIGNUM *n = NULL;
 
                 /* Every RSA key has an 'n' */
                 EVP_PKEY_get_bn_param(pkey, "n", &n);
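Review bot: the return value of EVP_PKEY_get_bn_param(pkey, "n", &n) on the last line of this hunk is still discarded, so with the new initialisation a failed lookup leaves n as NULL instead of an indeterminate pointer, and nothing visible here distinguishes that case from success. Suggest testing the call's result (or n != NULL) and taking the error path before n is used, rather than relying on the comment "Every RSA key has an 'n'". The commit message says the crash only happened sometimes, so a regression test that runs the -modulus option against an RSA certificate would also help keep this from coming back unnoticed.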