Don't try and verify signatures if key is NULL (CVE-2013-0166)
Add additional check to catch this in ASN1_item_verify too. (Imported from upstream's e9b4b8afbd129adc18d3fe71ca2ab34fe61d8640)
This commit is contained in:
parent
db4f9521b5
commit
e2c2f60c44
@ -81,6 +81,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
|
|||||||
|
|
||||||
int mdnid, pknid;
|
int mdnid, pknid;
|
||||||
|
|
||||||
|
if (!pkey)
|
||||||
|
{
|
||||||
|
OPENSSL_PUT_ERROR(X509, ASN1_item_verify, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
EVP_MD_CTX_init(&ctx);
|
EVP_MD_CTX_init(&ctx);
|
||||||
|
|
||||||
/* Convert signature OID into digest and public key OIDs */
|
/* Convert signature OID into digest and public key OIDs */
|
||||||
|
Loading…
Reference in New Issue
Block a user