Check pbe2->keyfunc->parameter is not NULL before dereferencing.

author Dr. Stephen Henson <steve@openssl.org>

Sat, 15 Apr 2006 17:42:46 +0000 (17:42 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 15 Apr 2006 17:42:46 +0000 (17:42 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Sat, 15 Apr 2006 17:42:46 +0000 (17:42 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 15 Apr 2006 17:42:46 +0000 (17:42 +0000)
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c

index 1f94e1ef88b26ed56da7c3e42d115c3d29a4d862..1d5fabc4b2ae45b8b231b47f7976d47e47feb2c0 100644 (file)
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -194,11 +194,16 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
  
         /* Now decode key derivation function */
  
+       if(!pbe2->keyfunc->parameter ||
+                (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE))
+               {
+               EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+               goto err;
+               }
+
         pbuf = pbe2->keyfunc->parameter->value.sequence->data;
         plen = pbe2->keyfunc->parameter->value.sequence->length;
-       if(!pbe2->keyfunc->parameter ||
-                (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) ||
-                               !(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
+       if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
                 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
                 goto err;
         }
author	Dr. Stephen Henson <steve@openssl.org>
	Sat, 15 Apr 2006 17:42:46 +0000 (17:42 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 15 Apr 2006 17:42:46 +0000 (17:42 +0000)