A malformed subjectPublicKey causes X509_PUBKEY_get0() to return NULL.
Fort wasn't catching this when linked specifically to OpenSSL < 3.
Thanks to Niklas Vogel for reporting this.
#define MODULUS 2048
#define EXPONENT "65537"
+ EVP_PKEY *pkey;
const RSA *rsa;
const BIGNUM *exp;
char *exp_str;
int modulus;
int error;
- rsa = EVP_PKEY_get0_RSA(X509_PUBKEY_get0(pubkey));
+ pkey = X509_PUBKEY_get0(pubkey);
+ if (pkey == NULL)
+ return val_crypto_err("The certificate's Subject Public Key is missing or malformed.");
+
+ rsa = EVP_PKEY_get0_RSA(pkey);
if (rsa == NULL)
return val_crypto_err("EVP_PKEY_get0_RSA() returned NULL");
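Review bot: the new `if (pkey == NULL)` check carries no comment explaining why the call was split out, and the commit message says the NULL return went uncaught only when linked to OpenSSL < 3. A one-line comment above the check, stating that X509_PUBKEY_get0() returns NULL for a malformed subjectPublicKey, would keep a later cleanup from folding the two calls back into one expression. The unchanged `rsa == NULL` branch still reports "EVP_PKEY_get0_RSA() returned NULL", which names the function rather than the cause. With `pkey` now known to be non-NULL at that point, that branch means the key decoded but is not usable as RSA, and a message in the style of the new one would say so. It is also worth checking whether other call sites pass the result of X509_PUBKEY_get0() straight into another call, and adding a test certificate with a malformed subjectPublicKey to cover this path.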