From: Neil Horman <nhorman@openssl.org>
Date: Sat, 16 Dec 2023 20:32:48 +0000 (-0500)
Subject: Check for NULL cleanup function before using it in encoder_process
X-Git-Tag: openssl-3.3.0-alpha1~93
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cf57c3ecfa416afbc47d36633981034809ee6792;p=thirdparty%2Fopenssl.git

Check for NULL cleanup function before using it in encoder_process

encoder_process assumes a cleanup function has been set in the currently
in-use encoder during processing, which can lead to segfaults if said
function hasn't been set

Add a NULL check for this condition, returning -1 if it is not set

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23069)
---

diff --git a/crypto/encode_decode/encoder_lib.c b/crypto/encode_decode/encoder_lib.c
index 28dae99dc8e..945b5ba1488 100644
--- a/crypto/encode_decode/encoder_lib.c
+++ b/crypto/encode_decode/encoder_lib.c
@@ -59,6 +59,11 @@ int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out)
         return 0;
     }
 
+    if (ctx->cleanup == NULL || ctx->construct == NULL) {
+        ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INIT_FAIL);
+        return 0;
+    }
+
     return encoder_process(&data) > 0;
 }