diff options
author | Zhou Qingyang <zhou1615@umn.edu> | 2022-04-07 00:48:09 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-04-21 08:34:09 +0200 |
commit | 3f075967f664aac12951a1d7aa3124d9235cd299 (patch) | |
tree | 0198743659f5910b0173f2018d73ccab7c1f8960 /apps | |
parent | 4d50a5467b0a208c61d163239a3544bae06343ea (diff) |
Fix a possible NULL pointer dereference in create_cert_store()
In create_cert_store(), X509_STORE_new() is called and there is a
dereference of it in following function X509_STORE_add_lookup()
without check, which could lead to NULL pointer dereference.
Fix this by adding a NULL check of X509_STORE_new()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18057)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/ts.c | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -980,6 +980,10 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, const char *propq = app_get0_propq(); cert_ctx = X509_STORE_new(); + if (cert_ctx == NULL) { + BIO_printf(bio_err, "memory allocation failure\n"); + return NULL; + } X509_STORE_set_verify_cb(cert_ctx, verify_cb); if (CApath != NULL) { lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir()); |