projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix wild pointer dereference in make_ocsp_response()
[openssl.git] / apps / ocsp.c
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 51f2b37f479fd110f0050d278052e19e6b5c87e9..a2f974cf7ba071f9545ce0ae34c652bd3675b564 100644 (file)
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1119,6 +1119,11 @@ static void make_ocsp_response(BIO *err, OCSP_RESPONSE **resp, OCSP_REQUEST *req
             single = OCSP_basic_add1_status(bs, cid,
                                             V_OCSP_CERTSTATUS_REVOKED,
                                             reason, revtm, thisupd, nextupd);
+            if (single == NULL) {
+                *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR,
+                                             NULL);
+                goto end;
+            }
             if (invtm != NULL)
                 OCSP_SINGLERESP_add1_ext_i2d(single, NID_invalidity_date,
                                              invtm, 0, 0);
Unnamed repository; edit this file 'description' to name the repository.