git.ipfire.org Git - thirdparty/openssl.git/commit
sm2: sm2_sign.c: check EC_KEY_get0_private_key() for NULL in sm2_sig_gen()
author Anton Moryakov <ant.v.moryakov@gmail.com>
Mon, 2 Jun 2025 10:14:28 +0000 (13:14 +0300)
committer Tomas Mraz <tomas@openssl.org>
Fri, 25 Jul 2025 10:06:54 +0000 (12:06 +0200)
commit c108ead2840a76a59fe02c049d08322a02b24761
tree 2453851a8a66dcaa7149ae1c5a0916711e5c921c
parent bd172dd0e1b76116402534aa4bb5c89d039e7762
sm2: sm2_sign.c: check EC_KEY_get0_private_key() for NULL in sm2_sig_gen()

Static analysis revealed that sm2_sig_gen() dereferences the return value
of EC_KEY_get0_private_key() without checking for NULL. This could lead to
a crash if the private key is unset.

This patch adds a NULL check and raises ERR_R_PASSED_NULL_PARAMETER if the
key is missing.

Issue found by static analyzer:
> Return value of EC_KEY_get0_private_key() is dereferenced without checking for NULL (11/12 checked)

CLA: trivial
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27741)
crypto/sm2/sm2_sign.c