Fix a segfault in the pkeyutl command line app

Don't attempt to deref a pkey that is NULL

Fixes #27156

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27228)

diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index d72b82fd0b3c75560aa3d050053b671bc6fd7cf2..2d3fd6314476ede51b7626fbdba6697b4c424754 100644 (file)
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -318,6 +318,10 @@ int pkeyutl_main(int argc, char **argv)
     }
 
     pkey = get_pkey(kdfalg, inkey, keyform, key_type, passinarg, pkey_op, e);
+    if (key_type != KEY_NONE && pkey == NULL) {
+        BIO_printf(bio_err, "%s: Error loading key\n", prog);
+        goto end;
+    }
 
     if (pkey_op == EVP_PKEY_OP_VERIFYRECOVER && !EVP_PKEY_is_a(pkey, "RSA")) {
         BIO_printf(bio_err, "%s: -verifyrecover can be used only with RSA\n", prog);