Hi, This patch fixes a potential NULL pointer dereference in EVP_DigestInit_ex() when type is NULL and somehow ctx->digest is not whereas ctx->engine is.
I don't think this is very likely to happen, but still doesn't hurt to fix it, even only in 1.0.1-beta2, as it will not break existing code. This patch has been generated against OpenSSL 0.9.8t, but it applies cleanly against 1.0.0g and 1.0.1-beta2. Thank you, Regards, Remi Gacogne
|
Hi,
This patch fixes a potential NULL pointer dereference in EVP_DigestInit_ex() when type is NULL and somehow ctx->digest is not whereas ctx->engine is.
I don't think this is very likely to happen, but still doesn't hurt to fix it, even only in 1.0.1-beta2, as it will not break existing code.
This patch has been generated against OpenSSL 0.9.8t, but it applies cleanly against 1.0.0g and 1.0.1-beta2.
Thank you,
Regards,
Remi Gacogne
|
diff -ru openssl-0.9.8t/crypto/evp/digest.c openssl-0.9.8t-patched/crypto/evp/digest.c
--- openssl-0.9.8t/crypto/evp/digest.c 2010-03-05 14:35:06.000000000 +0100
+++ openssl-0.9.8t-patched/crypto/evp/digest.c 2012-02-18 20:08:52.000000000 +0100
@@ -283,7 +283,7 @@
if (!do_evp_md_engine(ctx, &type, impl))
return 0;
#endif
- if (ctx->digest != type)
+ if (ctx->digest != type && type)
{
#ifdef OPENSSL_FIPS
if (FIPS_mode())
