EVP: Have evp_pkey_cmp_any() detect if export wasn't possible

There are some EC keys that can't be exported to provider keymgmt,
because the keymgmt implementation doesn't support certain forms of EC
keys.  This could lead to a crash caused by dereferencing a NULL
pointer, so we need to cover that case by returning an error instead.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12610)
Richard Levitte 2020-08-07 18:47:04 +02:00
parent c7dfb2abe5
commit a24b510c28

@ -269,6 +269,10 @@ static int evp_pkey_cmp_any(const EVP_PKEY *a, const EVP_PKEY *b,
if (keymgmt1 != keymgmt2)
return -2;
/* If the keymgmt implementations are NULL, the export failed */
if (keymgmt1 == NULL)
return -2;
return evp_keymgmt_match(keymgmt1, keydata1, keydata2, selection);
}
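
Review bot: the new `if (keymgmt1 == NULL) return -2;` check reuses the same -2 that the `keymgmt1 != keymgmt2` test just above it returns, so a caller cannot tell a failed export apart from a keymgmt mismatch. If -2 is meant to cover both cases, state that where the function's return values are documented; otherwise consider a distinct code. The comment says "implementations" (plural) while only keymgmt1 is tested. That is sufficient because the preceding inequality check guarantees keymgmt2 is NULL as well at this point, and a few words to that effect in the comment would save the next reader from re-deriving it. The hunk also shows no NULL test on keydata1 or keydata2 before the call to evp_keymgmt_match(), so it is worth confirming that a non-NULL keymgmt always implies non-NULL keydata on both sides.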