[Openvpn-devel] pkcs11_openssl.c: check EVP_get_digestbyname() != NULL

Message ID 20220127001410.7587-1-selva.nair@gmail.com
State Accepted
Headers show
Series
  • [Openvpn-devel] pkcs11_openssl.c: check EVP_get_digestbyname() != NULL
Related show

Commit Message

Selva Nair Jan. 27, 2022, 12:14 a.m.
From: Selva Nair <selva.nair@gmail.com>

Reported-by: Arne Schwabe <arne@rfc2549.org>
Signed-off-by: Selva Nair <selva.nair@gmail.com>
---
 src/openvpn/pkcs11_openssl.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

Comments

Antonio Quartulli Feb. 3, 2022, 10:22 a.m. | #1
Hi,

On 27/01/2022 01:14, selva.nair@gmail.com wrote:
> From: Selva Nair <selva.nair@gmail.com>
> 
> Reported-by: Arne Schwabe <arne@rfc2549.org>
> Signed-off-by: Selva Nair <selva.nair@gmail.com>

Acked-by: Antonio Quartulli <a@unstable.cc>
Gert Doering Feb. 3, 2022, 10:31 a.m. | #2
Have not tested, but looks reasonable.

Your patch has been applied to the master branch.

commit fb60a5a9d0da982df0edeac8287aa5ee55f4e79a
Author: Selva Nair
Date:   Wed Jan 26 19:14:10 2022 -0500

     pkcs11_openssl.c: check EVP_get_digestbyname() != NULL

     Signed-off-by: Selva Nair <selva.nair@gmail.com>
     Acked-by: Antonio Quartulli <antonio@openvpn.net>
     Message-Id: <20220127001410.7587-1-selva.nair@gmail.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23680.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

Patch

diff --git a/src/openvpn/pkcs11_openssl.c b/src/openvpn/pkcs11_openssl.c
index a82b4b32..c4f88816 100644
--- a/src/openvpn/pkcs11_openssl.c
+++ b/src/openvpn/pkcs11_openssl.c
@@ -89,7 +89,14 @@  set_pss_params(CK_RSA_PKCS_PSS_PARAMS *pss_params, XKEY_SIGALG sigalg,
     pss_params->mgf = mdtypes[i].mgf_id;
 
     /* determine salt length */
-    int mdsize = EVP_MD_size(EVP_get_digestbyname(sigalg.mdname));
+    const EVP_MD *md = EVP_get_digestbyname(sigalg.mdname);
+    if (!md)
+    {
+        msg(M_WARN, "WARN: set_pss_params: EVP_get_digestbyname returned NULL "
+                    "for mdname = <%s>", sigalg.mdname);
+        goto cleanup;
+    }
+    int mdsize = EVP_MD_get_size(md);
 
     int saltlen = -1;
     if (!strcmp(sigalg.saltlen, "digest")) /* same as digest size */