]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a260ecb)
EVP_MD_CTX_gettable_params(): Add NULL check before dereference
authorDrokovar Dmitriy <drokov@rutoken.ru>
Tue, 10 Mar 2026 05:38:57 +0000 (01:38 -0400)
committerTomas Mraz <tomas@openssl.foundation>
Fri, 3 Apr 2026 15:24:54 +0000 (17:24 +0200)
Found by Linux Verification Center (linuxtesting.org) with SVACE.

CLA:trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
MergeDate: Fri Apr  3 15:24:39 2026
(Merged from https://github.com/openssl/openssl/pull/30589)

(cherry picked from commit 9ac50d2d7bdf207c2e408bed79641169f5c69894)

crypto/evp/digest.c patch | blob | blame | history

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 1e73bd3d1baeaa0719168812457990e3cd88a0bf..43fa6b1256b01e22c5c6e40b15576c46b87ea68f 100644 (file)
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -693,8 +693,9 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
     if (ossl_unlikely(pctx != NULL)
         && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
             || pctx->operation == EVP_PKEY_OP_SIGNCTX)
-        && pctx->op.sig.algctx != NULL
-        && pctx->op.sig.signature->gettable_ctx_md_params != NULL)
+        && pctx->op.sig.signature != NULL
+        && pctx->op.sig.signature->gettable_ctx_md_params != NULL
+        && pctx->op.sig.algctx != NULL)
         return pctx->op.sig.signature->gettable_ctx_md_params(
             pctx->op.sig.algctx);
 
Mirror of https://github.com/openssl/openssl.git