From a8d3dbe19b5c7e5b828792bfe7dcf8dc6d225c62 Mon Sep 17 00:00:00 2001 From: Pauli Date: Mon, 3 Sep 2018 07:29:45 +1000 Subject: [PATCH] Check for a failure return from EVP_MD_CTX_new() in OCSP_basic_sign(). Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7087) --- crypto/ocsp/ocsp_srv.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/crypto/ocsp/ocsp_srv.c b/crypto/ocsp/ocsp_srv.c index eff6ddbd60..6bd6f7b6d8 100644 --- a/crypto/ocsp/ocsp_srv.c +++ b/crypto/ocsp/ocsp_srv.c @@ -237,6 +237,9 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp, EVP_PKEY_CTX *pkctx = NULL; int i; + if (ctx == NULL) + return 0; + if (!EVP_DigestSignInit(ctx, &pkctx, dgst, NULL, key)) { EVP_MD_CTX_free(ctx); return 0; -- 2.25.1