summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch
blob: 3e93fe4e22c94503df6f9cccbc39088d36a6e797 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
openssl: avoid NULL pointer dereference in dh_pub_encode()/dsa_pub_encode()

We should avoid accessing the pointer if ASN1_STRING_new()
allocates memory failed.

Upstream-Status: Submitted
http://www.mail-archive.com/openssl-dev@openssl.org/msg32859.html

Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
---
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -139,6 +139,12 @@
 	dh=pkey->pkey.dh;
 
 	str = ASN1_STRING_new();
+	if (!str)
+		{
+		DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
 	str->length = i2d_DHparams(dh, &str->data);
 	if (str->length <= 0)
 		{
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -148,6 +148,11 @@
 		{
 		ASN1_STRING *str;
 		str = ASN1_STRING_new();
+		if (!str)
+			{
+			DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
 		str->length = i2d_DSAparams(dsa, &str->data);
 		if (str->length <= 0)
 			{