summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
blob: 57e39eb673d7b641758acc5a4bf62e4f80dff28d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
openssl: avoid NULL pointer dereference in EVP_DigestInit_ex()

We should avoid accessing the type pointer if it's NULL,
this could happen if ctx->digest is not NULL.

Upstream-Status: Submitted
http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html

Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>

ported the patch to the 1.0.0m version
Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> 2015/03/24

Ported the patch to 1.0.1t version.
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
diff -ruN a/crypto/evp/digest.c b/crypto/evp/digest.c
--- a/crypto/evp/digest.c	2016-05-03 15:49:00.000000000 +0200
+++ b/crypto/evp/digest.c	2016-05-04 09:17:47.629259835 +0200
@@ -199,7 +199,7 @@
         type = ctx->digest;
     }
 #endif
-    if (ctx->digest != type) {
+    if (type && (ctx->digest != type)) {
         if (ctx->digest && ctx->digest->ctx_size) {
             OPENSSL_free(ctx->md_data);
             ctx->md_data = NULL;