We should avoid accessing the pointer if ASN1_STRING_new() allocates memory failed. --- crypto/dh/dh_ameth.c | 6 ++++++ crypto/dsa/dsa_ameth.c | 5 +++++ 2 files changed, 11 insertions(+), 0 deletions(-)
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 141c09b..784746b 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -162,6 +162,12 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) dh=pkey->pkey.dh; str = ASN1_STRING_new(); + if (!str) + { + DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE); + goto err; + } + str->length = i2d_dhp(pkey, dh, &str->data); if (str->length <= 0) { diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 6b1d52f..40465b6 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -148,6 +148,11 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { ASN1_STRING *str; str = ASN1_STRING_new(); + if (!str) + { + DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE); + goto err; + } str->length = i2d_DSAparams(dsa, &str->data); if (str->length <= 0) { -- 1.7.0.2 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org