mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-24 13:55:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

Crypto/evp: Fix null pointer dereference

Browse Source 
Check the return value of EVP_KDF_fetch to avoid a potential
null pointer dereference.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18062)
This commit is contained in:
yuanjungong 2022-04-07 12:35:59 +08:00 committed by Pauli
parent 148176ca32
commit 5f1424c6bd
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/evp/p5_crpt2.c
View File

@ -42,6 +42,8 @@ int ossl_pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen,
salt = (unsigned char *)empty;
kdf = EVP_KDF_fetch(libctx, OSSL_KDF_NAME_PBKDF2, propq);
if (kdf == NULL)
return 0;
kctx = EVP_KDF_CTX_new(kdf);
EVP_KDF_free(kdf);
if (kctx == NULL)