Don't try and verify signatures if key is NULL (CVE-2013-0166)
index a763daa65369c3c42c4558318dd894fa810c6513..6b3d3ad91b484fc680849ebe6f075ac7a8225dee 100644 (file)
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -56,6 +56,7 @@
  *
  */
 
+#include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_EC
 #include <stdio.h>
 #include <stdlib.h>
@@ -84,9 +85,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
 {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE  *e = NULL;
-#endif
        int     ret = 1;
        EC_KEY  *eckey = NULL;
        const EC_GROUP *group;
@@ -243,7 +241,7 @@ bad:
                                " the ec parameters are encoded\n");
                BIO_printf(bio_err, "                 in the asn1 der "
                                "encoding\n");
-               BIO_printf(bio_err, "                 possilbe values:"
+               BIO_printf(bio_err, "                 possible values:"
                                " named_curve (default)\n");
                BIO_printf(bio_err,"                                  "
                                "explicit\n");
@@ -253,7 +251,7 @@ bad:
        ERR_load_crypto_strings();
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) 
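Review bot: The return value of `setup_engine(bio_err, engine, 0)` is now discarded, so a failed engine load is not acted on at this call site. If setup_engine returns NULL when the requested engine cannot be loaded (its definition is outside this diff), a user who passed -engine to keep key handling in a hardware module would see the command continue with the default implementation. Consider failing closed with `if (engine != NULL && setup_engine(bio_err, engine, 0) == NULL) goto end;`. If the fallback is intentional, say so in a comment such as `/* engine load failure is reported by setup_engine; continuing is deliberate */`. MAIN's body starts and ends outside this hunk.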
@@ -346,7 +344,10 @@ bad:
                        }
 
        if (noout) 
+               {
+               ret = 0;
                goto end;
+               }
 
        BIO_printf(bio_err, "writing EC key\n");
        if (outformat == FORMAT_ASN1)
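Review bot: With `ret = 0` set in the `noout` branch, the exit status becomes a success signal that scripts are likely to read as "this key is acceptable", yet nothing in the hunk says what has been verified by this point. A short comment on the branch, for example `/* -noout: key was read (and printed if requested); nothing to write */`, would make clear that exit 0 reflects the earlier steps succeeding, not additional validation of the key. Those earlier steps lie above the hunk, so the wording should be confirmed against them. MAIN's body continues outside the hunk.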