Fix NULL ptr dereference on EC_POINT *point

author Shawn C <citypw@hardenedlinux.org>

Thu, 19 Sep 2024 17:14:09 +0000 (17:14 +0000)

committer Tomas Mraz <tomas@openssl.org>

Thu, 26 Sep 2024 08:04:30 +0000 (10:04 +0200)
author Shawn C <citypw@hardenedlinux.org>
Thu, 19 Sep 2024 17:14:09 +0000 (17:14 +0000)
committer Tomas Mraz <tomas@openssl.org>
Thu, 26 Sep 2024 08:04:30 +0000 (10:04 +0200)
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c

index b32697fb857224faff586225e73a4d970a53d9ff..643d2d8d7b824bf9d0453be3c09d894c80bf8355 100644 (file)
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -1156,7 +1156,7 @@ int i2o_ECPublicKey(const EC_KEY *a, unsigned char **out)
      size_t buf_len = 0;
      int new_buffer = 0;
  
-    if (a == NULL) {
+    if (a == NULL || a->pub_key == NULL) {
          ERR_raise(ERR_LIB_EC, ERR_R_PASSED_NULL_PARAMETER);
          return 0;
      }
diff --git a/crypto/ec/ec_oct.c b/crypto/ec/ec_oct.c

index 0ad3394c8270fcce80e34135b2b1bb692cac7e88..886e5fd310f45e256b2630f0546f06e63733e9eb 100644 (file)
--- a/crypto/ec/ec_oct.c
+++ b/crypto/ec/ec_oct.c
@@ -74,6 +74,10 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point,
                            point_conversion_form_t form, unsigned char *buf,
                            size_t len, BN_CTX *ctx)
  {
+    if (point == NULL) {
+        ERR_raise(ERR_LIB_EC, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
      if (group->meth->point2oct == 0
          && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
          ERR_raise(ERR_LIB_EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
author	Shawn C <citypw@hardenedlinux.org>
	Thu, 19 Sep 2024 17:14:09 +0000 (17:14 +0000)
committer	Tomas Mraz <tomas@openssl.org>
	Thu, 26 Sep 2024 08:04:30 +0000 (10:04 +0200)
crypto/ec/ec_asn1.c		patch \| blob \| blame \| history
crypto/ec/ec_oct.c		patch \| blob \| blame \| history