diff options
author | Paul Yang <yang.yang@baishancloud.com> | 2018-11-26 16:57:55 +0800 |
---|---|---|
committer | Paul Yang <yang.yang@baishancloud.com> | 2018-11-27 11:27:18 +0800 |
commit | 9465e716398ea13391aa7a0c93f10abf003245c0 (patch) | |
tree | 6b38fb350b2400fd0076b7386b0d2f829d3d1065 /ssl | |
parent | 156c4d6290fddb2379c13870e19a1a8ef0b0f095 (diff) |
Fix access zero memory if SSL_DEBUG is enabled
If compile OpenSSL with SSL_DEBUG macro, some test cases will cause the
process crashed in the debug code.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7707)
(cherry picked from commit 5a4481f0e0bbf836c7f41805e84617784cb6b1db)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/statem_clnt.c | 3 | ||||
-rw-r--r-- | ssl/statem/statem_lib.c | 6 |
2 files changed, 6 insertions, 3 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 0a11b88183..5a8f1163df 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2353,7 +2353,8 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) } #ifdef SSL_DEBUG if (SSL_USE_SIGALGS(s)) - fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); + fprintf(stderr, "USING TLSv1.2 HASH %s\n", + md == NULL ? "n/a" : EVP_MD_name(md)); #endif if (!PACKET_get_length_prefixed_2(pkt, &signature) diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 4324896f50..be270e23fc 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -396,7 +396,8 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) #ifdef SSL_DEBUG if (SSL_USE_SIGALGS(s)) - fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); + fprintf(stderr, "USING TLSv1.2 HASH %s\n", + md == NULL ? "n/a" : EVP_MD_name(md)); #endif /* Check for broken implementations of GOST ciphersuites */ @@ -439,7 +440,8 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) } #ifdef SSL_DEBUG - fprintf(stderr, "Using client verify alg %s\n", EVP_MD_name(md)); + fprintf(stderr, "Using client verify alg %s\n", + md == NULL ? "n/a" : EVP_MD_name(md)); #endif if (EVP_DigestVerifyInit(mctx, &pctx, md, NULL, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY, |