[openssl/openssl] b74001: Check for EVP_MD being NULL inside ssl.

slontis noreply at reply.github.openssl.org
Wed Jul 13 07:03:09 UTC 2022


  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: b740012f77aed97cb4b3cd8a4f1fb2f668542795
      https://github.openssl.org/openssl/openssl/commit/b740012f77aed97cb4b3cd8a4f1fb2f668542795
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-07-13 (Wed, 13 Jul 2022)

  Changed paths:
    M ssl/s3_lib.c
    M ssl/ssl_ciph.c
    M ssl/statem/extensions_srvr.c
    M ssl/statem/statem_clnt.c
    M ssl/tls13_enc.c

  Log Message:
  -----------
  Check for EVP_MD being NULL inside ssl.

Fix multiple places that could potentially segfault if memory
allocations fail. e.g. ssl_load_ciphers() could fail while calling
ssl_evp_md_fetch().

Found by #18355

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18784)




More information about the openssl-commits mailing list