Add a return value check

If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then we should set the NID to NID_undef. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-11-11 10:44:07 +0000
committer: Matt Caswell <matt@openssl.org> 2015-12-10 11:50:20 +0000
commit: 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68 (patch)
tree: f714b941a122c6ab093946ee311ec08f6381b43a
parent: 44bf7119d67272dbbe3a96c58b842aff8d93c1b4 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 83015e85c3..571a891843 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3326,7 +3326,7 @@ static int tls12_get_pkey_idx(unsigned char sig_alg)
 static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid,
                                int *psignhash_nid, const unsigned char *data)
 {
-    int sign_nid = 0, hash_nid = 0;
+    int sign_nid = NID_undef, hash_nid = NID_undef;
     if (!phash_nid && !psign_nid && !psignhash_nid)
         return;
     if (phash_nid || psignhash_nid) {
@@ -3340,9 +3340,9 @@ static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid,
             *psign_nid = sign_nid;
     }
     if (psignhash_nid) {
-        if (sign_nid && hash_nid)
-            OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, sign_nid);
-        else
+        if (sign_nid == NID_undef || hash_nid == NID_undef
+                || OBJ_find_sigid_by_algs(psignhash_nid, hash_nid,
+                                          sign_nid) <= 0)
             *psignhash_nid = NID_undef;
     }
 }
author	Matt Caswell <matt@openssl.org>	2015-11-11 10:44:07 +0000
committer	Matt Caswell <matt@openssl.org>	2015-12-10 11:50:20 +0000
commit	330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68 (patch)
tree	f714b941a122c6ab093946ee311ec08f6381b43a
parent	44bf7119d67272dbbe3a96c58b842aff8d93c1b4 (diff)