EVP_PKEY_CTX_new_id() may return NULL and for this reason we must check
its return value and bail out in case of failure.
Failing to do so may result in NULL pointer dereference when we
pass the returned pointer (NULL) to other functions.
Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210405080007.1665-2-a@unstable.cc>
URL: https://www.mail-archive.com/search?l=mid&q=20210405080007.1665-2-a@unstable.cc
Signed-off-by: Gert Doering <gert@greenie.muc.de>
ssl_tls1_PRF(const uint8_t *seed, int seed_len, const uint8_t *secret,
int secret_len, uint8_t *output, int output_len)
{
- bool ret = false;
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
+ if (!pctx)
+ {
+ return false;
+ }
+
+ bool ret = false;
if (!EVP_PKEY_derive_init(pctx))
{
goto out;
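Review bot: the new `if (!pctx)` branch returns directly while the next failure check in this function uses `goto out`, so the function now has two exit styles and `bool ret = false;` had to move below a statement. Keeping the declaration where it was and using `goto out` in the new branch would make the diff smaller and keep a single exit path, provided the code at `out:` (not visible in this hunk) tolerates a NULL pctx; EVP_PKEY_CTX_free() does nothing when passed NULL. The branch also fails without any diagnostic, so consider logging that the TLS1 PRF context could not be allocated before returning false.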