diff options
| author | Rich Salz <rsalz@openssl.org> | 2014-09-10 11:43:45 -0400 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2014-09-10 12:20:15 -0400 |
| commit | a9d928a8b60c13d6a6475294deb56ba92fc6fbac (patch) | |
| tree | d960956715379faa56375941d4b37ea9231bc1f3 /crypto/ocsp | |
| parent | 3aa2d2d08f56602f128e4a3ea5e22f4299ea8a7f (diff) | |
RT2560: missing NULL check in ocsp_req_find_signer
If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit b2aa38a980e9fbf158aafe487fb729c492b241fb)
Diffstat (limited to 'crypto/ocsp')
| -rw-r--r-- | crypto/ocsp/ocsp_vfy.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c index 276718304d..fc0d4cc0f5 100644 --- a/crypto/ocsp/ocsp_vfy.c +++ b/crypto/ocsp/ocsp_vfy.c @@ -436,8 +436,11 @@ static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm if(!(flags & OCSP_NOINTERN)) { signer = X509_find_by_subject(req->optionalSignature->certs, nm); - *psigner = signer; - return 1; + if (signer) + { + *psigner = signer; + return 1; + } } signer = X509_find_by_subject(certs, nm); |