From bbaa9dd850152bc85cad094e0aa0c685553d149c Mon Sep 17 00:00:00 2001 From: TJ Saunders Date: Fri, 10 Jun 2016 00:36:45 -0700 Subject: [PATCH 1/1] Ensure that NULL r and s parameters cannot be set on DSA_SIG/ECDSA_SIGs. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Reviewed-by: Richard Levitte Reviewed-by: Emilia Käsper Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/1193) --- crypto/dsa/dsa_asn1.c | 2 ++ crypto/ec/ec_asn1.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index f2818f3ab6..f79e1d1404 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -34,6 +34,8 @@ void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const DSA_SIG *sig) int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) { + if (r == NULL || s == NULL) + return 0; BN_clear_free(sig->r); BN_clear_free(sig->s); sig->r = r; diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 9bc4ca7b27..9f7e837308 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -1182,6 +1182,8 @@ void ECDSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const ECDSA_SIG *sig) int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) { + if (r == NULL || s == NULL) + return 0; BN_clear_free(sig->r); BN_clear_free(sig->s); sig->r = r; -- 2.34.1