From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 2 Jun 2022 14:50:15 +0000 (+0200)
Subject: Check return value of ossl_parse_property()
X-Git-Tag: openssl-3.2.0-alpha1~2558
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4fa5ed5ce5c345eaeaec8b86eda265add467f941;p=thirdparty%2Fopenssl.git

Check return value of ossl_parse_property()

Also check if we have d2i_public_key() function pointer.

Fixes https://github.com/openssl/openssl/pull/18355#issuecomment-1144893289

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18462)
---

diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c
index a08705abb38..11e94dbcc45 100644
--- a/crypto/encode_decode/decoder_meth.c
+++ b/crypto/encode_decode/decoder_meth.c
@@ -191,8 +191,11 @@ void *ossl_decoder_from_algorithm(int id, const OSSL_ALGORITHM *algodef,
         return NULL;
     }
     decoder->base.algodef = algodef;
-    decoder->base.parsed_propdef
-        = ossl_parse_property(libctx, algodef->property_definition);
+    if ((decoder->base.parsed_propdef
+         = ossl_parse_property(libctx, algodef->property_definition)) == NULL) {
+        OSSL_DECODER_free(decoder);
+        return NULL;
+    }
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c
index 7571570d281..7a28894b2ca 100644
--- a/crypto/encode_decode/encoder_meth.c
+++ b/crypto/encode_decode/encoder_meth.c
@@ -191,8 +191,11 @@ static void *encoder_from_algorithm(int id, const OSSL_ALGORITHM *algodef,
         return NULL;
     }
     encoder->base.algodef = algodef;
-    encoder->base.parsed_propdef
-        = ossl_parse_property(libctx, algodef->property_definition);
+    if ((encoder->base.parsed_propdef
+         = ossl_parse_property(libctx, algodef->property_definition)) == NULL) {
+        OSSL_ENCODER_free(encoder);
+        return NULL;
+    }
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c
index f6d293f2b8c..ebc2d248333 100644
--- a/providers/implementations/encode_decode/decode_der2key.c
+++ b/providers/implementations/encode_decode/decode_der2key.c
@@ -227,7 +227,7 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
         derp = der;
         if (ctx->desc->d2i_PUBKEY != NULL)
             key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
-        else
+        else if (ctx->desc->d2i_public_key != NULL)
             key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
         if (key == NULL && ctx->selection != 0) {
             ERR_clear_last_mark();