[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Thu May 19 19:48:29 UTC 2016


The branch master has been updated
       via  c223c4a9ce9b36b352a55e91862e1c6eda533723 (commit)
      from  2ee65a672fe18fe275cf7ac1f86e8723ee38ebdc (commit)


- Log -----------------------------------------------------------------
commit c223c4a9ce9b36b352a55e91862e1c6eda533723
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Apr 25 16:44:19 2016 +0100

    Check that the obtained public key is valid
    
    In the X509 app check that the obtained public key is valid before we
    attempt to use it.
    
    Issue reported by Yuan Jochen Kang.
    
    Reviewed-by: Viktor Dukhovni <viktor at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/x509.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/apps/x509.c b/apps/x509.c
index 4bf7cdb..56c6fcc 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -943,6 +943,10 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
     EVP_PKEY *upkey;
 
     upkey = X509_get0_pubkey(xca);
+    if (upkey == NULL) {
+        BIO_printf(bio_err, "Error obtaining CA X509 public key\n");
+        goto end;
+    }
     EVP_PKEY_copy_parameters(upkey, pkey);
 
     xsc = X509_STORE_CTX_new();


More information about the openssl-commits mailing list