[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Matt Caswell
matt at openssl.org
Thu Dec 10 11:56:41 UTC 2015
The branch OpenSSL_1_0_2-stable has been updated
via f4d1926f9546e84631fdfd9bd68af86ffe4021b2 (commit)
from 9501418ea2287658d1a11ce888ff97fa49e9164d (commit)
- Log -----------------------------------------------------------------
commit f4d1926f9546e84631fdfd9bd68af86ffe4021b2
Author: Matt Caswell <matt at openssl.org>
Date: Wed Nov 11 10:44:07 2015 +0000
Add a return value check
If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then
we should set the NID to NID_undef.
Reviewed-by: Richard Levitte <levitte at openssl.org>
(cherry picked from commit 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68)
-----------------------------------------------------------------------
Summary of changes:
ssl/t1_lib.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 3176d1e..37f0ae5 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3583,7 +3583,7 @@ static int tls12_get_pkey_idx(unsigned char sig_alg)
static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid,
int *psignhash_nid, const unsigned char *data)
{
- int sign_nid = 0, hash_nid = 0;
+ int sign_nid = NID_undef, hash_nid = NID_undef;
if (!phash_nid && !psign_nid && !psignhash_nid)
return;
if (phash_nid || psignhash_nid) {
@@ -3599,9 +3599,9 @@ static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid,
*psign_nid = sign_nid;
}
if (psignhash_nid) {
- if (sign_nid && hash_nid)
- OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, sign_nid);
- else
+ if (sign_nid == NID_undef || hash_nid == NID_undef
+ || OBJ_find_sigid_by_algs(psignhash_nid, hash_nid,
+ sign_nid) <= 0)
*psignhash_nid = NID_undef;
}
}
More information about the openssl-commits
mailing list