RT2849: Redundant check of "dsa" variable.
authorRich Salz <rsalz@openssl.org>
Thu, 4 Sep 2014 16:55:31 +0000 (12:55 -0400)
committerRich Salz <rsalz@openssl.org>
Mon, 8 Sep 2014 14:53:59 +0000 (10:53 -0400)
In the current code, the check isn't redundant.
And in fact the REAL check was missing.
This avoids a NULL-deref crash.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
fips/dsa/fips_dssvs.c

index e2f2297..6a0b40f 100644 (file)
@@ -552,6 +552,11 @@ static void keypair(FILE *in, FILE *out)
            int n=atoi(value);
 
            dsa = FIPS_dsa_new();
+           if (!dsa)
+               {
+               fprintf(stderr, "DSA allocation error\n");
+               exit(1);
+               }
            if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, NULL, NULL, 0,
                                                NULL, NULL, NULL, NULL))
                        {
@@ -578,8 +583,7 @@ static void keypair(FILE *in, FILE *out)
                do_bn_print_name(out, "Y",dsa->pub_key);
                fputs(RESP_EOL, out);
                }
-           if (dsa)
-               FIPS_dsa_free(dsa);
+           FIPS_dsa_free(dsa);
            }
        }
     }