Fix input checks wrt legacy code - openssl

diff options

author	Simo Sorce <simo@redhat.com>	2019-05-24 23:35:04 +0200
committer	Pauli <paul.dale@oracle.com>	2019-05-27 00:05:36 +0200
commit	d4d89a076262aa118c07a4766daf17202aef17f0 (patch)
tree	73dc5702db13fb2fd830cdfaf63648df58743054 /crypto/ocsp
parent	crypto/evp/evp_key.c: #define BUFSIZ if <stdio.h> doesn't #define it (diff)
download	openssl-d4d89a076262aa118c07a4766daf17202aef17f0.tar.xz openssl-d4d89a076262aa118c07a4766daf17202aef17f0.zip

Fix input checks wrt legacy code

In all legacy code ctx->cipher is dereferenced without checks, so it makes no sense to jump there is ctx->cipher is NULL as it will just lead to a crash. Catch it separately and return an error. This is simlar to the fix in d2c2e49eab69c7446c1c2c7227f63f8618ca99a5 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9002)

Diffstat (limited to 'crypto/ocsp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: