x509: coverity 1472673 & 1472693 - dereference after null checks

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14589)

diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index a149bf49dc286bc719884615c04d8d95686bf22a..3ced70b21fe027e1ffc96415a89550944abd5f9a 100644 (file)
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -251,18 +251,21 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
         return -1;
 
     /* Ensure canonical encoding is present and up to date */
-    if (!a->canon_enc || a->modified) {
+    if (a->canon_enc == NULL || a->modified) {
         ret = i2d_X509_NAME((X509_NAME *)a, NULL);
         if (ret < 0)
             return -2;
     }
 
-    if (!b->canon_enc || b->modified) {
+    if (b->canon_enc == NULL || b->modified) {
         ret = i2d_X509_NAME((X509_NAME *)b, NULL);
         if (ret < 0)
             return -2;
     }
 
+    if (a->canon_enc == NULL || b->canon_enc == NULL)
+        return -2;
+
     ret = a->canon_enclen - b->canon_enclen;
     if (ret == 0 && a->canon_enclen != 0)
         ret = memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);