authorPetr Gotthard <petr.gotthard@centrum.cz>2021-04-18 18:28:25 +0200
committerTomas Mraz <tomas@openssl.org>2021-05-06 17:03:41 +0200
commit021521aa91d7b1a47f3c3b704f1cc39f169b2e5b (patch)
treef11e25dea20007e95231f25d8a4de694cc202d40
parentbfe2fcc840e92df5a5875e55c6aed79891d2612f (diff)
Fix NULL dereference when ENCODER does not implement IMPORT_OBJECT
External ENCODER may not implement OSSL_FUNC_ENCODER_IMPORT_OBJECT, so a check for NULL is needed. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14919)
-rw-r--r--crypto/encode_decode/encoder_pkey.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/crypto/encode_decode/encoder_pkey.c b/crypto/encode_decode/encoder_pkey.c
index 4bfd219fe2..3bb0702e43 100644
--- a/crypto/encode_decode/encoder_pkey.c
+++ b/crypto/encode_decode/encoder_pkey.c
@@ -76,6 +76,7 @@ struct collected_encoder_st {
const char *output_structure;
const char *output_type;
+ const OSSL_PROVIDER *keymgmt_prov;
OSSL_ENCODER_CTX *ctx;
int error_occurred;
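Review bot: The new `keymgmt_prov` field is undocumented, and nothing in the struct tells the reader that it can be NULL. In the setup function `prov` is initialised to NULL and assigned only inside `if (evp_pkey_is_provided(pkey))`, so the field stays NULL for any other key. A one-line comment on the field would make that explicit, for example `/* provider of the key's keymgmt; NULL when the pkey is not provided */`. The struct definition continues outside this hunk.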
@@ -102,7 +103,9 @@ static void collect_encoder(OSSL_ENCODER *encoder, void *arg)
if (!OSSL_ENCODER_is_a(encoder, name)
|| (encoder->does_selection != NULL
- && !encoder->does_selection(provctx, data->ctx->selection)))
+ && !encoder->does_selection(provctx, data->ctx->selection))
+ || (data->keymgmt_prov != prov
+ && encoder->import_object == NULL))
continue;
/* Only add each encoder implementation once */
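Review bot: The added condition filters at collection time, but the place where `encoder->import_object` is actually called is outside this diff and, as far as the hunks show, remains unguarded. The fix therefore holds only while that call site makes the same provider comparison as `data->keymgmt_prov != prov` here. A defensive `import_object != NULL` check at the call site that fails the construct step would keep the NULL dereference from returning if the two comparisons ever diverge. When `keymgmt_prov` is NULL, the comparison is presumably true for every encoder, so all implementations without `import_object` are skipped. A short comment above the clause would record that intent, for example `/* a key from another provider must be imported; skip encoders that cannot do that */`. Both `prov` and the enclosing loop in `collect_encoder` are defined outside the hunk.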
@@ -213,6 +216,7 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx,
const char *propquery)
{
struct construct_data_st *data = NULL;
+ const OSSL_PROVIDER *prov = NULL;
OSSL_LIB_CTX *libctx = NULL;
int ok = 0;
@@ -222,8 +226,7 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx,
}
if (evp_pkey_is_provided(pkey)) {
- const OSSL_PROVIDER *prov = EVP_KEYMGMT_provider(pkey->keymgmt);
-
+ prov = EVP_KEYMGMT_provider(pkey->keymgmt);
libctx = ossl_provider_libctx(prov);
}
@@ -252,6 +255,7 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx,
encoder_data.output_type = ctx->output_type;
encoder_data.output_structure = ctx->output_structure;
encoder_data.error_occurred = 0;
+ encoder_data.keymgmt_prov = prov;
encoder_data.ctx = ctx;
OSSL_ENCODER_do_all_provided(libctx, collect_encoder, &encoder_data);
sk_OPENSSL_CSTRING_free(keymgmt_data.names);