The branch master has been updated
via c223c4a9ce9b36b352a55e91862e1c6eda533723 (commit)
from 2ee65a672fe18fe275cf7ac1f86e8723ee38ebdc (commit)
- Log -----------------------------------------------------------------
commit c223c4a9ce9b36b352a55e91862e1c6eda533723
Author: Matt Caswell <[email protected]>
Date: Mon Apr 25 16:44:19 2016 +0100
Check that the obtained public key is valid
In the X509 app check that the obtained public key is valid before we
attempt to use it.
Issue reported by Yuan Jochen Kang.
Reviewed-by: Viktor Dukhovni <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
apps/x509.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/apps/x509.c b/apps/x509.c
index 4bf7cdb..56c6fcc 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -943,6 +943,10 @@ static int x509_certify(X509_STORE *ctx, char *CAfile,
const EVP_MD *digest,
EVP_PKEY *upkey;
upkey = X509_get0_pubkey(xca);
+ if (upkey == NULL) {
+ BIO_printf(bio_err, "Error obtaining CA X509 public key\n");
+ goto end;
+ }
EVP_PKEY_copy_parameters(upkey, pkey);
xsc = X509_STORE_CTX_new();
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
