projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 46eee71) | patch
Add some additional NULL checks to prevent segfaults.
authorShane Lontis <shane.lontis@oracle.com>
Mon, 12 Apr 2021 01:19:21 +0000 (11:19 +1000)
committerShane Lontis <shane.lontis@oracle.com>
Wed, 14 Apr 2021 06:05:00 +0000 (16:05 +1000)
commit5c107243877121f84037a5aaf19457f87458e8ed
tree8b3ef6e620890f5c1cb4ec1e1cdad9ca74c9888etree | snapshot
parent46eee7104d77f9d303e06a398febdc60fd014d33commit | diff
Add some additional NULL checks to prevent segfaults.

Fixes #14809

PR #14752 attempted to pass the libctx, propq in a few places related to
X509 signing. There were a few places that needed additional NULL checks so that they behavethe same as they did before.

OCSP_basic_sign() was changed to call EVP_DigestSignInit_ex() which passed the parameter EVP_MD_name(dgst). Since dgst can be NULL EVP_MD_name() was segfaulting.
Adding an additional NULL check EVP_MD_name() resolves this issue.

The other NULL checks are required to produce errors rather than
segfaults if the certificate is NULL.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14826)
crypto/evp/evp_lib.c diff | blob | history
crypto/ocsp/ocsp_srv.c diff | blob | history
crypto/x509/x_crl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.