git.ipfire.org Git - thirdparty/openssl.git/commit
sm2: sm2_sign.c: check EC_KEY_get0_private_key() for NULL in sm2_sig_gen()
author AntonMoryakov <ant.v.moryakov@gmail.com>
Mon, 2 Jun 2025 10:14:28 +0000 (13:14 +0300)
committer Tomas Mraz <tomas@openssl.org>
Fri, 25 Jul 2025 10:07:44 +0000 (12:07 +0200)
commit 93bf938cba809e018043226e2eb1d905bc577147
tree 9566a0df22a7ba85cfe02335be7014ccfcdefa4d
parent ace1418bd928df5e996a0fa00585d3b99c2a33fe

Static analysis revealed that sm2_sig_gen() dereferences the return value
of EC_KEY_get0_private_key() without checking for NULL. This could lead to
a crash if the private key is unset.

This patch adds a NULL check and raises ERR_R_PASSED_NULL_PARAMETER if the
key is missing.

Issue found by static analyzer:
> Return value of EC_KEY_get0_private_key() is dereferenced without checking for NULL (11/12 checked)

CLA: trivial
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27741)

(cherry picked from commit c108ead2840a76a59fe02c049d08322a02b24761)
crypto/sm2/sm2_sign.c