Check for null-pointer dereference in dh_cms_set_peerkey

Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16382)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2021-08-23 11:13:26 +0200
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2021-08-26 09:00:26 +0200
commit: 5d91c74fa3fcd8c17184ab8f51745de8354f7362 (patch)
tree: e41e73f7cdf5ecdcbabeeef0703416df3e7a3d9c /crypto
parent: 7a1a91556cc271d38944410b133a2ab5e2cf8ca8 (diff)
1 files changed, 7 insertions, 4 deletions
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
index d53004080d..0d4026c206 100644
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -629,16 +629,18 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
         goto err;
 
     pk = EVP_PKEY_CTX_get0_pkey(pctx);
-    if (!pk)
-        goto err;
-    if (pk->type != EVP_PKEY_DHX)
+    if (pk == NULL || pk->type != EVP_PKEY_DHX)
         goto err;
+
     /* Get parameters from parent key */
     dhpeer = DHparams_dup(pk->pkey.dh);
+    if (dhpeer == NULL)
+        goto err;
+
     /* We have parameters now set public key */
     plen = ASN1_STRING_length(pubkey);
     p = ASN1_STRING_get0_data(pubkey);
-    if (!p || !plen)
+    if (p == NULL || plen == 0)
         goto err;
 
     if ((public_key = d2i_ASN1_INTEGER(NULL, &p, plen)) == NULL) {
@@ -655,6 +657,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
     pkpeer = EVP_PKEY_new();
     if (pkpeer == NULL)
         goto err;
+
     EVP_PKEY_assign(pkpeer, pk->ameth->pkey_id, dhpeer);
     dhpeer = NULL;
     if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0)
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2021-08-23 11:13:26 +0200
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2021-08-26 09:00:26 +0200
commit	5d91c74fa3fcd8c17184ab8f51745de8354f7362 (patch)
tree	e41e73f7cdf5ecdcbabeeef0703416df3e7a3d9c /crypto
parent	7a1a91556cc271d38944410b133a2ab5e2cf8ca8 (diff)