issuer passed as second parameter to check_issued may result in
NULL dereference
CLA: trivial
Reviewed-by: Hugo Landau <hlandau@devever.net>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24760)
issuer = sk_X509_value(ctx->chain, cnum + 1);
} else {
issuer = sk_X509_value(ctx->chain, chnum);
+ if (!ossl_assert(issuer != NULL))
+ return 0;
/* If not self-issued, can't check signature */
if (!ctx->check_issued(ctx, issuer, issuer) &&
!verify_cb_crl(ctx, X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER))