diff options
| author | kenjiro <> | 2025-05-21 03:53:20 +0000 |
|---|---|---|
| committer | kenjiro <> | 2025-05-21 03:53:20 +0000 |
| commit | 4db1ecb865af08af076b8b5a429aee1f1f7d64ec (patch) | |
| tree | 780bf80ce8f6bacfb3f6997c28e6a7d1f82cf725 /src/lib/libcrypto/kdf/tls1_prf.c | |
| parent | 0719e035f0b9e8de3f6970bafad840881e1e9b86 (diff) | |
| download | openbsd-4db1ecb865af08af076b8b5a429aee1f1f7d64ec.tar.gz openbsd-4db1ecb865af08af076b8b5a429aee1f1f7d64ec.tar.bz2 openbsd-4db1ecb865af08af076b8b5a429aee1f1f7d64ec.zip | |
Add NULL checks to HKDF and TLS1-PRF EVP_PKEY cleanup functions
Check if ctx->data is NULL before calling freezero(). Also add
HKDF and TLS1-PRF to the EVP_PKEY cleanup regression test, as
they no longer crash with this change.
ok tb@
Diffstat (limited to 'src/lib/libcrypto/kdf/tls1_prf.c')
| -rw-r--r-- | src/lib/libcrypto/kdf/tls1_prf.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libcrypto/kdf/tls1_prf.c b/src/lib/libcrypto/kdf/tls1_prf.c index fb7b718339..2b86ff744f 100644 --- a/src/lib/libcrypto/kdf/tls1_prf.c +++ b/src/lib/libcrypto/kdf/tls1_prf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls1_prf.c,v 1.41 2025/05/10 05:54:38 tb Exp $ */ | 1 | /* $OpenBSD: tls1_prf.c,v 1.42 2025/05/21 03:53:20 kenjiro Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project | 3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project |
| 4 | * 2016. | 4 | * 2016. |
| @@ -96,6 +96,9 @@ pkey_tls1_prf_cleanup(EVP_PKEY_CTX *ctx) | |||
| 96 | { | 96 | { |
| 97 | struct tls1_prf_ctx *kctx = ctx->data; | 97 | struct tls1_prf_ctx *kctx = ctx->data; |
| 98 | 98 | ||
| 99 | if (kctx == NULL) | ||
| 100 | return; | ||
| 101 | |||
| 99 | freezero(kctx->secret, kctx->secret_len); | 102 | freezero(kctx->secret, kctx->secret_len); |
| 100 | freezero(kctx, sizeof(*kctx)); | 103 | freezero(kctx, sizeof(*kctx)); |
| 101 | } | 104 | } |