[openssl] master update
tomas at openssl.org
tomas at openssl.org
Thu May 6 15:04:16 UTC 2021
The branch master has been updated
via 021521aa91d7b1a47f3c3b704f1cc39f169b2e5b (commit)
from bfe2fcc840e92df5a5875e55c6aed79891d2612f (commit)
- Log -----------------------------------------------------------------
commit 021521aa91d7b1a47f3c3b704f1cc39f169b2e5b
Author: Petr Gotthard <petr.gotthard at centrum.cz>
Date: Sun Apr 18 18:28:25 2021 +0200
Fix NULL dereference when ENCODER does not implement IMPORT_OBJECT
External ENCODER may not implement OSSL_FUNC_ENCODER_IMPORT_OBJECT,
so a check for NULL is needed.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14919)
-----------------------------------------------------------------------
Summary of changes:
crypto/encode_decode/encoder_pkey.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/crypto/encode_decode/encoder_pkey.c b/crypto/encode_decode/encoder_pkey.c
index 4bfd219fe2..3bb0702e43 100644
--- a/crypto/encode_decode/encoder_pkey.c
+++ b/crypto/encode_decode/encoder_pkey.c
@@ -76,6 +76,7 @@ struct collected_encoder_st {
const char *output_structure;
const char *output_type;
+ const OSSL_PROVIDER *keymgmt_prov;
OSSL_ENCODER_CTX *ctx;
int error_occurred;
@@ -102,7 +103,9 @@ static void collect_encoder(OSSL_ENCODER *encoder, void *arg)
if (!OSSL_ENCODER_is_a(encoder, name)
|| (encoder->does_selection != NULL
- && !encoder->does_selection(provctx, data->ctx->selection)))
+ && !encoder->does_selection(provctx, data->ctx->selection))
+ || (data->keymgmt_prov != prov
+ && encoder->import_object == NULL))
continue;
/* Only add each encoder implementation once */
@@ -213,6 +216,7 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx,
const char *propquery)
{
struct construct_data_st *data = NULL;
+ const OSSL_PROVIDER *prov = NULL;
OSSL_LIB_CTX *libctx = NULL;
int ok = 0;
@@ -222,8 +226,7 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx,
}
if (evp_pkey_is_provided(pkey)) {
- const OSSL_PROVIDER *prov = EVP_KEYMGMT_provider(pkey->keymgmt);
-
+ prov = EVP_KEYMGMT_provider(pkey->keymgmt);
libctx = ossl_provider_libctx(prov);
}
@@ -252,6 +255,7 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx,
encoder_data.output_type = ctx->output_type;
encoder_data.output_structure = ctx->output_structure;
encoder_data.error_occurred = 0;
+ encoder_data.keymgmt_prov = prov;
encoder_data.ctx = ctx;
OSSL_ENCODER_do_all_provided(libctx, collect_encoder, &encoder_data);
sk_OPENSSL_CSTRING_free(keymgmt_data.names);
More information about the openssl-commits
mailing list