diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2016-12-31 13:01:11 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2017-02-05 00:58:00 +0100 |
commit | 5d0634a93bdc18e753d641c4563cb18f685e148f (patch) | |
tree | 3e37a7584a5f9552848147f45dd31a5dec24bd32 /ssl | |
parent | ac162301b45a7458ced227437922141c692383ae (diff) |
Combined patch against OpenSSL_1_1_0-stable branch for the following issues:
Fixed a memory leak in ASN1_digest and ASN1_item_digest.
Reworked error handling in asn1_item_embed_new.
Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup.
Fixed a memory leak in CRYPTO_free_ex_data.
Reworked error handing in x509_name_ex_d2i, x509_name_encode and x509_name_canon.
Check for null pointer in tls_process_cert_verify.
Fixes #2103 #2104 #2105 #2109 #2111 #2115
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2163)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/statem_srvr.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 2d110aad33..f875b3c221 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2715,6 +2715,11 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) peer = s->session->peer; pkey = X509_get0_pubkey(peer); + if (pkey == NULL) { + al = SSL_AD_INTERNAL_ERROR; + goto f_err; + } + type = X509_certificate_type(peer, pkey); if (!(type & EVP_PKT_SIGN)) { |