Check that the obtained public key is valid

In the X509 app check that the obtained public key is valid before we attempt to use it. Issue reported by Yuan Jochen Kang. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-04-25 16:44:19 +0100
committer: Matt Caswell <matt@openssl.org> 2016-05-19 20:46:06 +0100
commit: c223c4a9ce9b36b352a55e91862e1c6eda533723 (patch)
tree: 222c3e5d466fcce6e6321ae6012788ff660b4ca1 /apps/x509.c
parent: 2ee65a672fe18fe275cf7ac1f86e8723ee38ebdc (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/apps/x509.c b/apps/x509.c
index 4bf7cdb9c5..56c6fcca6a 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -943,6 +943,10 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
     EVP_PKEY *upkey;
 
     upkey = X509_get0_pubkey(xca);
+    if (upkey == NULL) {
+        BIO_printf(bio_err, "Error obtaining CA X509 public key\n");
+        goto end;
+    }
     EVP_PKEY_copy_parameters(upkey, pkey);
 
     xsc = X509_STORE_CTX_new();
author	Matt Caswell <matt@openssl.org>	2016-04-25 16:44:19 +0100
committer	Matt Caswell <matt@openssl.org>	2016-05-19 20:46:06 +0100
commit	c223c4a9ce9b36b352a55e91862e1c6eda533723 (patch)
tree	222c3e5d466fcce6e6321ae6012788ff660b4ca1 /apps/x509.c
parent	2ee65a672fe18fe275cf7ac1f86e8723ee38ebdc (diff)