提交 bf746f0f 编写于 作者: R Richard Levitte

Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might

cause a segfault...  This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
上级 a229e303
...@@ -150,7 +150,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat ...@@ -150,7 +150,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
goto err; goto err;
} }
EVP_VerifyInit_ex(&ctx,type, NULL); if (!EVP_VerifyInit_ex(&ctx,type, NULL))
{
ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
ret=0;
goto err;
}
EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_cleanse(buf_in,(unsigned int)inl);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册