diff options
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch new file mode 100644 index 0000000000..36aa442223 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch | |||
@@ -0,0 +1,24 @@ | |||
1 | openssl: avoid NULL pointer dereference in EVP_DigestInit_ex() | ||
2 | |||
3 | We should avoid accessing the type pointer if it's NULL, | ||
4 | this could happen if ctx->digest is not NULL. | ||
5 | |||
6 | Upstream-Status: Submitted | ||
7 | http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html | ||
8 | |||
9 | Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> | ||
10 | |||
11 | ported the patch to the 1.0.0m version | ||
12 | Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> 2015/03/24 | ||
13 | --- | ||
14 | --- a/crypto/evp/digest.c | ||
15 | +++ b/crypto/evp/digest.c | ||
16 | @@ -199,7 +199,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | ||
17 | type = ctx->digest; | ||
18 | } | ||
19 | #endif | ||
20 | - if (ctx->digest != type) { | ||
21 | + if (type && (ctx->digest != type)) { | ||
22 | if (ctx->digest && ctx->digest->ctx_size) | ||
23 | OPENSSL_free(ctx->md_data); | ||
24 | ctx->digest = type; | ||