diff options
author | Rich Salz <rsalz@openssl.org> | 2014-09-10 11:43:45 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2014-09-10 12:20:25 -0400 |
commit | bea9a177263f4dbbc662082837cdb58f4cf741c3 (patch) | |
tree | 2965b6d17dac9645b3499a0cd0a1732e2c93c4af /crypto/ocsp | |
parent | b537ea9ce43d1a920b60ec30f2b5cdb9bbb05e29 (diff) |
RT2560: missing NULL check in ocsp_req_find_signer
If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit b2aa38a980e9fbf158aafe487fb729c492b241fb)
Diffstat (limited to 'crypto/ocsp')
-rw-r--r-- | crypto/ocsp/ocsp_vfy.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c index 276718304d..fc0d4cc0f5 100644 --- a/crypto/ocsp/ocsp_vfy.c +++ b/crypto/ocsp/ocsp_vfy.c @@ -436,8 +436,11 @@ static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm if(!(flags & OCSP_NOINTERN)) { signer = X509_find_by_subject(req->optionalSignature->certs, nm); - *psigner = signer; - return 1; + if (signer) + { + *psigner = signer; + return 1; + } } signer = X509_find_by_subject(certs, nm); |