File Name: /crypto/pkcs12/p12_npas.c Function Name: alg_get() Buggy Code: 210: pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence- >length); // if (pbe == NULL) return is missed here
211: *pnid = OBJ_obj2nid(alg->algorithm); 212: *piter = ASN1_INTEGER_get(pbe->iter); 213: *psaltlen = pbe->salt->length; 214: PBEPARAM_free(pbe); Our research group develops an approach to discovering potential bugs in software. Our approach found a rule specifying that an error occurs if d2i_PBEPARAM() returns NULL. However, the output of the function is not checked in the above code. Raymond ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]