blob: d7047bbaacde176d7c609b7ec7b5fdd6dc269e11 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
openssl: avoid NULL pointer dereference in dh_pub_encode()/dsa_pub_encode()
We should avoid accessing the pointer if ASN1_STRING_new()
allocates memory failed.
Upstream-Status: Submitted
http://www.mail-archive.com/openssl-dev@openssl.org/msg32859.html
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
---
Index: openssl-1.0.2/crypto/dh/dh_ameth.c
===================================================================
--- openssl-1.0.2.orig/crypto/dh/dh_ameth.c
+++ openssl-1.0.2/crypto/dh/dh_ameth.c
@@ -161,6 +161,11 @@ static int dh_pub_encode(X509_PUBKEY *pk
dh = pkey->pkey.dh;
str = ASN1_STRING_new();
+ if (!str) {
+ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
str->length = i2d_dhp(pkey, dh, &str->data);
if (str->length <= 0) {
DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
|