ensure the pointer is valid before using it

b4e88ccb · Nils Larsch · d916ba1b · b4e88ccb · b4e88ccb · b4e88ccb
显示空白变更内容
内联并排

Showing with 24 addition and 12 deletion

apps/ts.c apps/ts.c +2 -0

crypto/bn/bntest.c crypto/bn/bntest.c +2 -0

crypto/ts/ts_rsp_sign.c crypto/ts/ts_rsp_sign.c +20 -12

未找到文件。
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -1041,6 +1041,8 @@ static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
 		if (!(request = d2i_TS_REQ_bio(input, NULL))) goto err;
 		if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL))) goto err;
 		}
+	else
+		return NULL;
 	/* Add the signature verification flag and arguments. */
 	ctx->flags |= TS_VFY_SIGNATURE;

--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -732,6 +732,8 @@ int test_mont(BIO *bp, BN_CTX *ctx)
 	BN_init(&n);
 	mont=BN_MONT_CTX_new();
+	if (mont == NULL)
+		return 0;
 	BN_bntest_rand(&a,100,0,0); /**/
 	BN_bntest_rand(&b,100,0,0); /**/

--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -466,20 +466,23 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
 	if (!result)
 		{
 		TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
-		TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
+		if (ctx != NULL)
-						 "Error during response "
+			{
+			TS_RESP_CTX_set_status_info_cond(ctx,
+				TS_STATUS_REJECTION, "Error during response "
 				"generation.");
 			/* Check if the status info was set. */
-		if (ctx->response
+			if (ctx->response && ASN1_INTEGER_get(
-		    && ASN1_INTEGER_get(
 			    TS_RESP_get_status_info(ctx->response)->status)
 			    == TS_STATUS_GRANTED)
 				{
-			/* Status info wasn't set, don't return a response. */
+				/* Status info wasn't set, don't
+				 * return a response. */
 				TS_RESP_free(ctx->response);
 				ctx->response = NULL;
 				}
 			}
+		}
 	response = ctx->response;
 	ctx->response = NULL;	/* Ownership will be returned to caller. */
 	TS_RESP_CTX_cleanup(ctx);
@@ -567,13 +570,18 @@ static int TS_RESP_check_request(TS_RESP_CTX *ctx)
 	return 1;
 	}
-/* Returns the TSA policy based on the rqeuested and acceptable policies. */
+/* Returns the TSA policy based on the requested and acceptable policies. */
 static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx)
 	{
 	ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
 	ASN1_OBJECT *policy = NULL;
 	int i;
+	if (ctx->default_policy == NULL)
+		{
+		TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
+		return NULL;
+		}
 	/* Return the default policy if none is requested or the default is
 	   requested. */
 	if (!requested || !OBJ_cmp(requested, ctx->default_policy))