From: Pauli <pauli@openssl.org>
Date: Sun, 30 May 2021 23:26:05 +0000 (+1000)
Subject: req: fix Coverity 1485137 Explicit null dereference
X-Git-Tag: openssl-3.0.0-beta1~283
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8ee66a092c07e618191ef49c8912f8235b08bb95;p=thirdparty%2Fopenssl.git

req: fix Coverity 1485137 Explicit null dereference

Add a check for a non-existent file name when specifying params via file.
Add a check for a failure to determine key type.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15534)
---

diff --git a/apps/req.c b/apps/req.c
index a9769b74527..3b0545fd6e7 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1522,6 +1522,12 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
 
         if (strncmp(gstr, "param", len) == 0) {
             expect_paramfile = 1;
+            if (p == NULL) {
+                BIO_printf(bio_err,
+                           "Parameter file requested but no path given: %s\n",
+                           gstr);
+                return NULL;
+            }
         } else {
             keytype = gstr;
             keytypelen = len;
@@ -1569,6 +1575,11 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
         }
         if (keytype == NULL) {
             keytype = EVP_PKEY_get0_type_name(param);
+            if (keytype == NULL) {
+                EVP_PKEY_free(param);
+                BIO_puts(bio_err, "Unable to determine key type\n");
+                return NULL;
+            }
         }
     }