The command ``openssl x509 -noout -modulus -in cert.pem`` used to segfaults
sometimes because an uninitialized variable was passed to
``BN_lebin2bn``. The bug triggered an assertion in bn_expand_internal().
Fixes: https://github.com/openssl/openssl/issues/15899
Signed-off-by: Christian Heimes <christian@python.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15900)
} else if (i == modulus) {
BIO_printf(out, "Modulus=");
if (EVP_PKEY_is_a(pkey, "RSA")) {
- BIGNUM *n;
+ BIGNUM *n = NULL;
/* Every RSA key has an 'n' */
EVP_PKEY_get_bn_param(pkey, "n", &n);