Hello. In file engines/ccgost/gost_crypt.c, in function gost89_get_asn1_parameters:
gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
params->value.sequence->length);
len = gcp->iv->length;
'gcp' is used without checking for NULL. Can it be NULL if we got wrong
encoded ASN1 GOST encryption parameters?
If so - there'll be a crash.
Please, check.
Best regards, Vladimir
