From 7fb82d06746f7503323a7846448e095bf8f5ef9e Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 26 Aug 2016 15:14:24 +0100
Subject: SRP_create_verifier does not check for NULL before OPENSSL_cleanse

OPENSSL_cleanse() does not validate its input parameter for NULL so
SRP_create_verifier() should do so instead. Otherwise a segfault will
result.

Alternative solution to GitHub PR#1006

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 crypto/srp/srp_vfy.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'crypto/srp')

diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c
index 986babfd49..af557a1ac3 100644
--- a/crypto/srp/srp_vfy.c
+++ b/crypto/srp/srp_vfy.c
@@ -635,7 +635,8 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
         BN_free(N_bn);
         BN_free(g_bn);
     }
-    OPENSSL_cleanse(vf, vfsize);
+    if (vf != NULL)
+        OPENSSL_cleanse(vf, vfsize);
     OPENSSL_free(vf);
     BN_clear_free(s);
     BN_clear_free(v);
-- 
cgit v1.2.3