projects
/
libdcp.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
b651392
)
Be more cautious in CertificateChain::private_key_valid.
v1.6.15
author
Carl Hetherington
<cth@carlh.net>
Tue, 10 Mar 2020 21:24:46 +0000
(22:24 +0100)
committer
Carl Hetherington
<cth@carlh.net>
Tue, 10 Mar 2020 21:24:46 +0000
(22:24 +0100)
src/certificate_chain.cc
patch
|
blob
|
history
diff --git
a/src/certificate_chain.cc
b/src/certificate_chain.cc
index 0d99d1c920a28083c4bcf748fe3d3dbe822928a6..7c1dc327be15c7071bfb537aa734fda5fbfe36c3 100644
(file)
--- a/
src/certificate_chain.cc
+++ b/
src/certificate_chain.cc
@@
-500,6
+500,10
@@
CertificateChain::private_key_valid () const
}
RSA* private_key = PEM_read_bio_RSAPrivateKey (bio, 0, 0, 0);
}
RSA* private_key = PEM_read_bio_RSAPrivateKey (bio, 0, 0, 0);
+ if (!private_key) {
+ return false;
+ }
+
RSA* public_key = leaf().public_key ();
#if OPENSSL_VERSION_NUMBER > 0x10100000L
RSA* public_key = leaf().public_key ();
#if OPENSSL_VERSION_NUMBER > 0x10100000L
@@
-507,6
+511,9
@@
CertificateChain::private_key_valid () const
RSA_get0_key(private_key, &private_key_n, 0, 0);
BIGNUM const * public_key_n;
RSA_get0_key(public_key, &public_key_n, 0, 0);
RSA_get0_key(private_key, &private_key_n, 0, 0);
BIGNUM const * public_key_n;
RSA_get0_key(public_key, &public_key_n, 0, 0);
+ if (!private_key_n || !public_key_n) {
+ return false;
+ }
bool const valid = !BN_cmp (private_key_n, public_key_n);
#else
bool const valid = !BN_cmp (private_key->n, public_key->n);
bool const valid = !BN_cmp (private_key_n, public_key_n);
#else
bool const valid = !BN_cmp (private_key->n, public_key->n);