Check GOST parameters are not NULL (CVE-2012-0027)
[openssl.git] / engines / ccgost / gost94_keyx.c
index 624be58..0d7d3ff 100644 (file)
@@ -261,6 +261,10 @@ int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *key_len
                }
 
        param = get_encryption_params(gkt->key_agreement_info->cipher);
+    if(!param){
+        goto err;
+    }
+       
        gost_init(&cctx,param->sblock); 
        OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8);
        memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8);