[openssl/openssl] 6646e0: Add return value check of EVP_PKEY_copy_parameters...

Tomas Mraz noreply at reply.github.openssl.org
Mon May 16 08:43:32 UTC 2022


  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 6646e015a50e5455117c22a27032011689db710f
      https://github.openssl.org/openssl/openssl/commit/6646e015a50e5455117c22a27032011689db710f
  Author: Zhou Qingyang <zhou1615 at umn.edu>
  Date:   2022-05-16 (Mon, 16 May 2022)

  Changed paths:
    M ssl/ssl_rsa.c

  Log Message:
  -----------
  Add return value check of EVP_PKEY_copy_parameters () in ssl_set_cert_and_key()

It seems the return value of EVP_PKEY_copy_parameters() in
ssl_set_cert_and_key(), and could lead to null pointer dereference in
EVP_PKEY_eq() function.

However those functions are complicated and this fix is suggested by
a static analyzer, so please advise.

Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18071)




More information about the openssl-commits mailing list