code.ossystems Code Review - openembedded-core.git/blob

   1 openssl: avoid NULL pointer dereference in EVP_DigestInit_ex()
   2
   3 We should avoid accessing the type pointer if it's NULL,
   4 this could happen if ctx->digest is not NULL.
   5
   6 Upstream-Status: Submitted
   7 http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html
   8
   9 Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
  10 ---
  11 --- a/crypto/evp/digest.c
  12 +++ b/crypto/evp/digest.c
  13 @@ -199,7 +199,7 @@
  14                 return 0;
  15                 }
  16  #endif
  17 -       if (ctx->digest != type)
  18 +       if (type && (ctx->digest != type))
  19                 {
  20                 if (ctx->digest && ctx->digest->ctx_size)
  21                         OPENSSL_free(ctx->md_data);