[openssl/openssl] aea2d7: Crypto/evp: Fix null pointer dereference

pauli noreply at reply.github.openssl.org
Mon Apr 11 04:14:45 UTC 2022


  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: aea2d74bdce61c8aaa942cf03fb1ca9761e9f3a8
      https://github.openssl.org/openssl/openssl/commit/aea2d74bdce61c8aaa942cf03fb1ca9761e9f3a8
  Author: yuanjungong <yuanjungong96 at gmail.com>
  Date:   2022-04-11 (Mon, 11 Apr 2022)

  Changed paths:
    M crypto/evp/p5_crpt2.c

  Log Message:
  -----------
  Crypto/evp: Fix null pointer dereference

Check the return value of EVP_KDF_fetch to avoid a potential
null pointer dereference.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18062)

(cherry picked from commit 5f1424c6bdca8ddb9d5d88a78a1d738be19c4ea8)




More information about the openssl-commits mailing list