Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

BoringSSL: Keep static analyzers happier with X509_get0_pubkey_bitstr()

While this function could return NULL if the parameter issued to it were
NULL, that does not really happen here. Anyway, since this can result in
a warning from a static analyzer that does can see the return NULL
without fully understanding what it means here, check the return value
explicitly against NULL to avoid false warnings.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 9 years ago
parent
42a95533a8
commit
8b827c342f
1 changed files with 2 additions and 1 deletions
Split View Show Diff Stats
  1. 2 1
      src/crypto/tls_openssl_ocsp.c

+ 2 - 1
src/crypto/tls_openssl_ocsp.c
View File 

@@ -433,7 +433,8 @@ static int issuer_match(X509 *cert, X509 *issuer, CertID *certid)
 
 	}
 
 
 	ikey = X509_get0_pubkey_bitstr(issuer);
 
-	if (!EVP_Digest(ikey->data, ikey->length, md, &len, dgst, NULL) ||
 
+	if (!ikey ||
 
+	    !EVP_Digest(ikey->data, ikey->length, md, &len, dgst, NULL) ||
 
 	    !ASN1_OCTET_STRING_set(hash, md, len)) {
 
 		ASN1_OCTET_STRING_free(hash);
 
 		return -1;