diff options
author | Milan Broz <gmazyland@gmail.com> | 2022-10-29 12:48:51 +0300 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-11-10 20:10:48 +0300 |
commit | 373d90128042cb0409e347827d80b50a99d3965a (patch) | |
tree | 64b4a300cee9a2bee10a2792e823a339d08ec6e7 | |
parent | 608aca8ed2becccfe9c238846834ea2b162fc98b (diff) |
pem: avoid segfault if PKEY is NULL in PEM_write_bio_PrivateKey
Make the code more robust and correctly handle EVP_PKEY set to NULL
instead of dereferencing null pointer.
Signed-off-by: Milan Broz <gmazyland@gmail.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19536)
-rw-r--r-- | crypto/pem/pem_pkey.c | 5 | ||||
-rw-r--r-- | test/evp_pkey_provided_test.c | 7 |
2 files changed, 10 insertions, 2 deletions
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index 53367c03db..8ffeed9d78 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -311,7 +311,7 @@ PEM_write_cb_ex_fnsig(PrivateKey, EVP_PKEY, BIO, write_bio) IMPLEMENT_PEM_provided_write_body_main(pkey, bio); legacy: - if (x->ameth == NULL || x->ameth->priv_encode != NULL) + if (x != NULL && (x->ameth == NULL || x->ameth->priv_encode != NULL)) return PEM_write_bio_PKCS8PrivateKey(out, x, enc, (const char *)kstr, klen, cb, u); return PEM_write_bio_PrivateKey_traditional(out, x, enc, kstr, klen, cb, u); @@ -336,6 +336,9 @@ int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x, EVP_PKEY *copy = NULL; int ret; + if (x == NULL) + return 0; + if (evp_pkey_is_assigned(x) && evp_pkey_is_provided(x) && evp_pkey_copy_downgraded(©, x)) diff --git a/test/evp_pkey_provided_test.c b/test/evp_pkey_provided_test.c index 1269fbf24f..3237884d7c 100644 --- a/test/evp_pkey_provided_test.c +++ b/test/evp_pkey_provided_test.c @@ -188,7 +188,12 @@ static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk) /* Unencrypted private key in PEM form */ || !TEST_true(PEM_write_bio_PrivateKey(membio, pk, NULL, NULL, 0, NULL, NULL)) - || !TEST_true(compare_with_file(alg, PRIV_PEM, membio))) + || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)) + /* NULL key */ + || !TEST_false(PEM_write_bio_PrivateKey(membio, NULL, + NULL, NULL, 0, NULL, NULL)) + || !TEST_false(PEM_write_bio_PrivateKey_traditional(membio, NULL, + NULL, NULL, 0, NULL, NULL))) goto err; ret = 1; |