mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-09 19:43:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

params: avoid a core dump with a null pointer and a get string call

Browse Source 
Previous a get string (UTF8 or octet) params call would memcpy(2) from a NULL
pointer if the OSSL_PARAM didn't have its data field set.  This change makes
the operation fail rather than core dump and it returns to param size (if set).

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11474)
This commit is contained in:
Pauli 2020-04-06 11:53:10 +10:00
parent c61ced5ec5
commit 86f32187c3
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/params.c
View File

@ -778,6 +778,8 @@ static int get_string_internal(const OSSL_PARAM *p, void **val, size_t max_len,
if (sz == 0)
return 1;
if (p->data == NULL)
return 0;
if (*val == NULL) {
char *const q = OPENSSL_malloc(sz);