1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
From c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1 Mon Sep 17 00:00:00 2001
From: Henrik Andersson <hean01@cendio.com>
Date: Mon, 24 Oct 2016 10:24:35 +0200
Subject: [PATCH] Fix crash in rdssl_cert_to_rkey.
This crash was introduced by merging OpenSSL 1.1 PR done on
commit 50b39d11. Where algor was overwritten with return value
of X509_PUBKEY_get0_param(). I also added additional error
handling for X509_get_X509_PUBKEY.
Thanks to TingPing that found this error in PR.
---
ssl.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/ssl.c b/ssl.c
index 032e9b9..07d7aa5 100644
--- a/ssl.c
+++ b/ssl.c
@@ -3,6 +3,7 @@
Secure sockets abstraction layer
Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
Copyright (C) Jay Sorg <j@american-data.com> 2006-2008
+ Copyright (C) Henrik Andersson <hean01@cendio.com> 2016
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -140,6 +141,7 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
EVP_PKEY *epk = NULL;
RDSSL_RKEY *lkey;
int nid;
+ int ret;
/* By some reason, Microsoft sets the OID of the Public RSA key to
the oid for "MD5 with RSA Encryption" instead of "RSA Encryption"
@@ -151,7 +153,18 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
X509_ALGOR *algor = NULL;
key = X509_get_X509_PUBKEY(cert);
- algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key);
+ if (key == NULL)
+ {
+ error("Failed to get public key from certificate.\n");
+ return NULL;
+ }
+
+ ret = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key);
+ if (ret != 1)
+ {
+ error("Faild to get algorithm used for public key.\n");
+ return NULL;
+ }
nid = OBJ_obj2nid(algor->algorithm);
|
