From: Shane Lontis <shane.lontis@oracle.com>
Date: Tue, 11 Aug 2020 06:33:19 +0000 (+1000)
Subject: Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()
X-Git-Tag: openssl-3.0.0-alpha7~502
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=51bba73e9361d19a0827e4459c01a7b3f6712415;p=thirdparty%2Fopenssl.git

Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final()

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
---

diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index 7e2de96e839..1a2238f0a86 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -775,10 +775,11 @@ static int rsa_digest_sign_final(void *vprsactx, unsigned char *sig,
     unsigned char digest[EVP_MAX_MD_SIZE];
     unsigned int dlen = 0;
 
+    if (prsactx == NULL)
+        return 0;
     prsactx->flag_allow_md = 1;
-    if (prsactx == NULL || prsactx->mdctx == NULL)
+    if (prsactx->mdctx == NULL)
         return 0;
-
     /*
      * If sig is NULL then we're just finding out the sig size. Other fields
      * are ignored. Defer to rsa_sign.