mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 12:02:28 +02:00
openssl: avoid NULL pointer dereference
EVP_PKEY_CTX_new_id() may return NULL and for this reason we must check its return value and bail out in case of failure. Failing to do so, may result in NULL pointer dereferece when we pass the returned pointer (NULL) to other functions. Signed-off-by: Antonio Quartulli <antonio@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20210405080007.1665-2-a@unstable.cc> URL: https://www.mail-archive.com/search?l=mid&q=20210405080007.1665-2-a@unstable.cc Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
parent
24e58164b8
commit
f3c7698957
@ -1125,8 +1125,13 @@ bool
|
||||
ssl_tls1_PRF(const uint8_t *seed, int seed_len, const uint8_t *secret,
|
||||
int secret_len, uint8_t *output, int output_len)
|
||||
{
|
||||
bool ret = false;
|
||||
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
|
||||
if (!pctx)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
bool ret = false;
|
||||
if (!EVP_PKEY_derive_init(pctx))
|
||||
{
|
||||
goto out;
|
||||
|
Loading…
Reference in New Issue
Block a user