Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.

[openssl.git] / crypto / rsa / rsa_pss.c

diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
index 7d5b4781a30bce66542d7866c4705f7cd74c3245..2e44194bdcd0be0398f56330f3429e6fedf6c5cf 100644 (file)
--- a/crypto/rsa/rsa_pss.c
+++ b/crypto/rsa/rsa_pss.c
@@ -81,6 +81,12 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
        EVP_MD_CTX ctx;
        unsigned char H_[EVP_MAX_MD_SIZE];
 
        EVP_MD_CTX ctx;
        unsigned char H_[EVP_MAX_MD_SIZE];
 

+       if (Hash == NULL)
+               {
+               RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_ARGUMENT);
+               goto err;
+               }
+

        hLen = EVP_MD_size(Hash);
        /*
         * Negative sLen has special meanings:
        hLen = EVP_MD_size(Hash);
        /*
         * Negative sLen has special meanings: