generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might

Browse Source 
cause a segfault...  This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
This commit is contained in:
Richard Levitte
2005-01-27 01:49:23 +00:00
parent d88edf1447
commit 532d936be8
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
crypto/asn1/a_verify.c
View File

@@ -150,7 +150,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
goto err; goto err;
} }
EVP_VerifyInit_ex(&ctx,type, NULL); if (!EVP_VerifyInit_ex(&ctx,type, NULL))
{
ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
ret=0;
goto err;
}
EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_cleanse(buf_in,(unsigned int)inl);