From: Daniel DeFreez <daniel@defreez.com>
Date: Wed, 13 Feb 2019 06:26:14 +0000 (+0800)
Subject: Fix null pointer dereference in cms_RecipientInfo_kari_init
X-Git-Tag: OpenSSL_1_1_1b~36
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=851437094aca6067d425f7869751df41cde775fe;p=oweals%2Fopenssl.git

Fix null pointer dereference in cms_RecipientInfo_kari_init

CLA: trivial

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8137)

(cherry picked from commit b754a8a1590b8c5c9662c8a0ba49573991488b20)
---

diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
index 3bc46febf6..f104eec29d 100644
--- a/crypto/cms/cms_kari.c
+++ b/crypto/cms/cms_kari.c
@@ -282,7 +282,7 @@ static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
     return rv;
 }
 
-/* Initialise a ktri based on passed certificate and key */
+/* Initialise a kari based on passed certificate and key */
 
 int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
                                 EVP_PKEY *pk, unsigned int flags)
@@ -299,6 +299,9 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
     kari->version = 3;
 
     rek = M_ASN1_new_of(CMS_RecipientEncryptedKey);
+    if (rek == NULL)
+        return 0;
+
     if (!sk_CMS_RecipientEncryptedKey_push(kari->recipientEncryptedKeys, rek)) {
         M_ASN1_free_of(rek, CMS_RecipientEncryptedKey);
         return 0;