root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Don't crash encoding a public key with no public key value 

If asked to encode an EC_KEY public key, but no public key value is present
in the structure, we should fail rather than crash.

Fixes the crash seen here:
https://mta.openssl.org/pipermail/openssl-users/2021-October/014479.html

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16911)

(cherry picked from commit 6187d9eac2)
This commit is contained in:
Matt Caswell 2021-10-25 13:07:01 +01:00 committed by Pauli
parent d146811f6c
commit 238a4c5555
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
providers/implementations/encode_decode/encode_key2any.c
View File

@ -701,6 +701,10 @@ static int prepare_ec_params(const void *eckey, int nid, int save,
static int ec_spki_pub_to_der(const void *eckey, unsigned char **pder)
{
if (EC_KEY_get0_public_key(eckey) == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY);
return 0;
}
return i2o_ECPublicKey(eckey, pder);
}