author | Zhou Qingyang <zhou1615@umn.edu> | 2022-03-25 20:28:32 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-06-02 12:06:40 +0200 |
commit | b375e158cb910b253d4bb68c2fd5c30a2da60670 (patch) | |
tree | 6c831eade342d08d1dc334b8bb44c0bd02b8b4d8 /crypto/evp | |
parent | 13bc9889cb2a19613397fd5f26ee60f2b031432b (diff) |
Fix possible null pointer dereference of evp_pkey_get_legacy()
evp_pkey_get_legacy() will return NULL on failure, however several
uses of it or its wrappers do not check the return value of
evp_pkey_get_legacy(), which could lead to NULL pointer dereference.
Fix those possible bugs by adding NULL checking.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17967)
(cherry picked from commit b9a86d5dd8b5bd33be42390bcbb5121fe0ae71a1)
Diffstat (limited to 'crypto/evp')
-rw-r--r-- | crypto/evp/p_dec.c | 8 | ||||
-rw-r--r-- | crypto/evp/p_enc.c | 8 |
2 files changed, 12 insertions, 4 deletions
diff --git a/crypto/evp/p_dec.c b/crypto/evp/p_dec.c index 7b33edecd5..29ea3f5fbc 100644 --- a/crypto/evp/p_dec.c +++ b/crypto/evp/p_dec.c @@ -22,15 +22,19 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, EVP_PKEY *priv) { int ret = -1; + RSA *rsa = NULL; if (EVP_PKEY_get_id(priv) != EVP_PKEY_RSA) { ERR_raise(ERR_LIB_EVP, EVP_R_PUBLIC_KEY_NOT_RSA); goto err; } + rsa = evp_pkey_get0_RSA_int(priv); + if (rsa == NULL) + goto err; + ret = - RSA_private_decrypt(ekl, ek, key, evp_pkey_get0_RSA_int(priv), - RSA_PKCS1_PADDING); + RSA_private_decrypt(ekl, ek, key, rsa, RSA_PKCS1_PADDING); err: return ret; } diff --git a/crypto/evp/p_enc.c b/crypto/evp/p_enc.c index d4db595164..64e6751456 100644 --- a/crypto/evp/p_enc.c +++ b/crypto/evp/p_enc.c @@ -22,15 +22,19 @@ int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len, EVP_PKEY *pubk) { int ret = 0; + RSA *rsa = NULL; if (EVP_PKEY_get_id(pubk) != EVP_PKEY_RSA) { ERR_raise(ERR_LIB_EVP, EVP_R_PUBLIC_KEY_NOT_RSA); goto err; } + rsa = evp_pkey_get0_RSA_int(pubk); + if (rsa == NULL) + goto err; + ret = - RSA_public_encrypt(key_len, key, ek, evp_pkey_get0_RSA_int(pubk), - RSA_PKCS1_PADDING); + RSA_public_encrypt(key_len, key, ek, rsa, RSA_PKCS1_PADDING); err: return ret; } |
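Review bot: The new `if (rsa == NULL) goto err;` branch in EVP_PKEY_decrypt_old returns -1 without an `ERR_raise`, unlike the key-type check just above it. The caller therefore gets an error-queue entry only if evp_pkey_get0_RSA_int() or evp_pkey_get_legacy() raised one themselves, which this diff does not show. If either can return NULL silently, add `ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);` before the `goto err`; otherwise a one-line comment such as `/* evp_pkey_get0_RSA_int() has already raised the error */` records the reliance. The same applies to the matching branch in EVP_PKEY_encrypt_old in crypto/evp/p_enc.c, and the first line of the function signature lies above the hunk.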
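Review bot: In EVP_PKEY_encrypt_old the added NULL branch leaves through `err:` with `ret` still 0, while a failure inside RSA_public_encrypt() is reported as -1, so this is one more path on which failure is signalled by 0 rather than a negative value. That is safe only for callers that test `<= 0`; a caller that tests `< 0` would read a missing RSA key as a zero-length success. A header comment on the function, for example `/* Returns the encrypted length, or 0 / -1 on failure; callers must check <= 0 */`, would make the contract explicit. The first line of the signature lies above the hunk.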