From b754a8a1590b8c5c9662c8a0ba49573991488b20 Mon Sep 17 00:00:00 2001 From: Daniel DeFreez Date: Wed, 13 Feb 2019 14:26:14 +0800 Subject: [PATCH] Fix null pointer dereference in cms_RecipientInfo_kari_init CLA: trivial Reviewed-by: Bernd Edlinger Reviewed-by: Paul Yang Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8137) --- crypto/cms/cms_kari.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c index 4ee7017cfe..9f1f5d55f6 100644 --- a/crypto/cms/cms_kari.c +++ b/crypto/cms/cms_kari.c @@ -282,7 +282,7 @@ static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari, return rv; } -/* Initialise a ktri based on passed certificate and key */ +/* Initialise a kari based on passed certificate and key */ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip, EVP_PKEY *pk, unsigned int flags) @@ -299,6 +299,9 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip, kari->version = 3; rek = M_ASN1_new_of(CMS_RecipientEncryptedKey); + if (rek == NULL) + return 0; + if (!sk_CMS_RecipientEncryptedKey_push(kari->recipientEncryptedKeys, rek)) { M_ASN1_free_of(rek, CMS_RecipientEncryptedKey); return 0; -- 2.25.1