From 72ded6f2a93085f536b4a820ab42b2da26fecf1c Mon Sep 17 00:00:00 2001
From: Pauli <ppzgs1@gmail.com>
Date: Wed, 17 Mar 2021 13:25:11 +1000
Subject: x509: coverity 1472673 & 1472693 - dereference after null checks

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14589)
---
 crypto/x509/x509_cmp.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'crypto')

diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index a149bf49dc..3ced70b21f 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -251,18 +251,21 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
         return -1;
 
     /* Ensure canonical encoding is present and up to date */
-    if (!a->canon_enc || a->modified) {
+    if (a->canon_enc == NULL || a->modified) {
         ret = i2d_X509_NAME((X509_NAME *)a, NULL);
         if (ret < 0)
             return -2;
     }
 
-    if (!b->canon_enc || b->modified) {
+    if (b->canon_enc == NULL || b->modified) {
         ret = i2d_X509_NAME((X509_NAME *)b, NULL);
         if (ret < 0)
             return -2;
     }
 
+    if (a->canon_enc == NULL || b->canon_enc == NULL)
+        return -2;
+
     ret = a->canon_enclen - b->canon_enclen;
     if (ret == 0 && a->canon_enclen != 0)
         ret = memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
-- 
cgit v1.2.3