The branch master has been updated
via 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68 (commit)
from 44bf7119d67272dbbe3a96c58b842aff8d93c1b4 (commit)
- Log -----------------------------------------------------------------
commit 330dcb09b2df7e1e6d1d3d14a5df7269aebd9a68
Author: Matt Caswell <m...@openssl.org>
Date: Wed Nov 11 10:44:07 2015 +0000
Add a return value check
If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then
we should set the NID to NID_undef.
Reviewed-by: Richard Levitte <levi...@openssl.org>
-----------------------------------------------------------------------
Summary of changes:
ssl/t1_lib.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 83015e8..571a891 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3326,7 +3326,7 @@ static int tls12_get_pkey_idx(unsigned char sig_alg)
static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid,
int *psignhash_nid, const unsigned char *data)
{
- int sign_nid = 0, hash_nid = 0;
+ int sign_nid = NID_undef, hash_nid = NID_undef;
if (!phash_nid && !psign_nid && !psignhash_nid)
return;
if (phash_nid || psignhash_nid) {
@@ -3340,9 +3340,9 @@ static void tls1_lookup_sigalg(int *phash_nid, int
*psign_nid,
*psign_nid = sign_nid;
}
if (psignhash_nid) {
- if (sign_nid && hash_nid)
- OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, sign_nid);
- else
+ if (sign_nid == NID_undef || hash_nid == NID_undef
+ || OBJ_find_sigid_by_algs(psignhash_nid, hash_nid,
+ sign_nid) <= 0)
*psignhash_nid = NID_undef;
}
}
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
