From a6465b3f8557f69e84e7d8e097f9c45ba4479dd6 Mon Sep 17 00:00:00 2001 From: Pauli Date: Fri, 7 Sep 2018 09:04:59 +1000 Subject: [PATCH] Avoid SEGV when giving X509_sign a NULL private key. Put a NULL check back in to avoid dereferencing the NULL pointer. Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7146) --- crypto/evp/pmeth_lib.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 6a0fc81f1f..ef923fdc5e 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -106,6 +106,8 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) const EVP_PKEY_METHOD *pmeth; if (id == -1) { + if (pkey == NULL) + return 0; id = pkey->type; } #ifndef OPENSSL_NO_ENGINE @@ -151,7 +153,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) ret->pmeth = pmeth; ret->operation = EVP_PKEY_OP_UNDEFINED; ret->pkey = pkey; - if (pkey) + if (pkey != NULL) EVP_PKEY_up_ref(pkey); if (pmeth->init) { -- 2.25.1