From: Zhou Qingyang <zhou1615@umn.edu>
Date: Wed, 6 Apr 2022 16:48:09 +0000 (+0800)
Subject: Fix a possible NULL pointer dereference in create_cert_store()
X-Git-Tag: openssl-3.2.0-alpha1~2752
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3f075967f664aac12951a1d7aa3124d9235cd299;p=thirdparty%2Fopenssl.git

Fix a possible NULL pointer dereference in create_cert_store()

In create_cert_store(), X509_STORE_new() is called and there is a
dereference of it in following function X509_STORE_add_lookup()
without check, which could lead to NULL pointer dereference.

Fix this by adding a NULL check of X509_STORE_new()

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18057)
---

diff --git a/apps/ts.c b/apps/ts.c
index 2497c3b32a7..e4a7515f0c9 100644
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -980,6 +980,10 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile,
     const char *propq = app_get0_propq();
 
     cert_ctx = X509_STORE_new();
+    if (cert_ctx == NULL) {
+        BIO_printf(bio_err, "memory allocation failure\n");
+        return NULL;
+    }
     X509_STORE_set_verify_cb(cert_ctx, verify_cb);
     if (CApath != NULL) {
         lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());