[openssl] master update

Dr. Paul Dale pauli at openssl.org
Tue Jun 1 08:47:03 UTC 2021


The branch master has been updated
       via  8ee66a092c07e618191ef49c8912f8235b08bb95 (commit)
      from  28cab20916731c188180628330de27f6ce5f684e (commit)


- Log -----------------------------------------------------------------
commit 8ee66a092c07e618191ef49c8912f8235b08bb95
Author: Pauli <pauli at openssl.org>
Date:   Mon May 31 09:26:05 2021 +1000

    req: fix Coverity 1485137 Explicit null dereference
    
    Add a check for a non-existent file name when specifying params via file.
    Add a check for a failure to determine key type.
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/15534)

-----------------------------------------------------------------------

Summary of changes:
 apps/req.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/apps/req.c b/apps/req.c
index a9769b7452..3b0545fd6e 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1522,6 +1522,12 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
 
         if (strncmp(gstr, "param", len) == 0) {
             expect_paramfile = 1;
+            if (p == NULL) {
+                BIO_printf(bio_err,
+                           "Parameter file requested but no path given: %s\n",
+                           gstr);
+                return NULL;
+            }
         } else {
             keytype = gstr;
             keytypelen = len;
@@ -1569,6 +1575,11 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
         }
         if (keytype == NULL) {
             keytype = EVP_PKEY_get0_type_name(param);
+            if (keytype == NULL) {
+                EVP_PKEY_free(param);
+                BIO_puts(bio_err, "Unable to determine key type\n");
+                return NULL;
+            }
         }
     }
 


More information about the openssl-commits mailing list