diff options
author | Milan Broz <gmazyland@gmail.com> | 2022-10-29 11:48:51 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-11-10 18:12:00 +0100 |
commit | 2fee530c86d5e203a311e0857330fa94ab18c6e9 (patch) | |
tree | 06fc457732ecb250ff9d59f4604a7d6c1dfb5b4f | |
parent | 60d391b6f0178e1f1afac242db460a14590bc03e (diff) |
pem: avoid segfault if PKEY is NULL in PEM_write_bio_PrivateKey
Make the code more robust and correctly handle EVP_PKEY set to NULL
instead of dereferencing null pointer.
Signed-off-by: Milan Broz <gmazyland@gmail.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19536)
(cherry picked from commit 373d90128042cb0409e347827d80b50a99d3965a)
-rw-r--r-- | crypto/pem/pem_pkey.c | 5 | ||||
-rw-r--r-- | test/evp_pkey_provided_test.c | 7 |
2 files changed, 10 insertions, 2 deletions
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index 53367c03db..8ffeed9d78 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -311,7 +311,7 @@ PEM_write_cb_ex_fnsig(PrivateKey, EVP_PKEY, BIO, write_bio) IMPLEMENT_PEM_provided_write_body_main(pkey, bio); legacy: - if (x->ameth == NULL || x->ameth->priv_encode != NULL) + if (x != NULL && (x->ameth == NULL || x->ameth->priv_encode != NULL)) return PEM_write_bio_PKCS8PrivateKey(out, x, enc, (const char *)kstr, klen, cb, u); return PEM_write_bio_PrivateKey_traditional(out, x, enc, kstr, klen, cb, u); @@ -336,6 +336,9 @@ int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x, EVP_PKEY *copy = NULL; int ret; + if (x == NULL) + return 0; + if (evp_pkey_is_assigned(x) && evp_pkey_is_provided(x) && evp_pkey_copy_downgraded(©, x)) diff --git a/test/evp_pkey_provided_test.c b/test/evp_pkey_provided_test.c index 8faf0838d0..d1a287e277 100644 --- a/test/evp_pkey_provided_test.c +++ b/test/evp_pkey_provided_test.c @@ -188,7 +188,12 @@ static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk) /* Unencrypted private key in PEM form */ || !TEST_true(PEM_write_bio_PrivateKey(membio, pk, NULL, NULL, 0, NULL, NULL)) - || !TEST_true(compare_with_file(alg, PRIV_PEM, membio))) + || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)) + /* NULL key */ + || !TEST_false(PEM_write_bio_PrivateKey(membio, NULL, + NULL, NULL, 0, NULL, NULL)) + || !TEST_false(PEM_write_bio_PrivateKey_traditional(membio, NULL, + NULL, NULL, 0, NULL, NULL))) goto err; ret = 1; |