Add some additional NULL checks to prevent segfaults.

Fixes #14809 PR #14752 attempted to pass the libctx, propq in a few places related to X509 signing. There were a few places that needed additional NULL checks so that they behavethe same as they did before. OCSP_basic_sign() was changed to call EVP_DigestSignInit_ex() which passed the parameter EVP_MD_name(dgst). Since dgst can be NULL EVP_MD_name() was segfaulting. Adding an additional NULL check EVP_MD_name() resolves this issue. The other NULL checks are required to produce errors rather than segfaults if the certificate is NULL. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14826)
author: Shane Lontis <shane.lontis@oracle.com> 2021-04-12 11:19:21 +1000
committer: Shane Lontis <shane.lontis@oracle.com> 2021-04-14 16:05:00 +1000
commit: 5c107243877121f84037a5aaf19457f87458e8ed (patch)
tree: 8b3ef6e620890f5c1cb4ec1e1cdad9ca74c9888e /crypto/evp/evp_lib.c
parent: 46eee7104d77f9d303e06a398febdc60fd014d33 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index a707285c91..6c578bd8ba 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -701,6 +701,8 @@ const char *EVP_MD_description(const EVP_MD *md)
 
 const char *EVP_MD_name(const EVP_MD *md)
 {
+    if (md == NULL)
+        return NULL;
     if (md->prov != NULL)
         return evp_first_name(md->prov, md->name_id);
 #ifndef FIPS_MODULE
author	Shane Lontis <shane.lontis@oracle.com>	2021-04-12 11:19:21 +1000
committer	Shane Lontis <shane.lontis@oracle.com>	2021-04-14 16:05:00 +1000
commit	5c107243877121f84037a5aaf19457f87458e8ed (patch)
tree	8b3ef6e620890f5c1cb4ec1e1cdad9ca74c9888e /crypto/evp/evp_lib.c
parent	46eee7104d77f9d303e06a398febdc60fd014d33 (diff)