From 297bf27b198fe8f4124d9c397a13f4022ab27ee3 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 5 Dec 2024 07:35:46 +0000
Subject: Apply a little bit of lipstick to PKCS7

Makes the setting and getting of detached signatures more symmetric
and avoids a NULL access.

ok jsing
---
 src/lib/libcrypto/pkcs7/pk7_lib.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c
index 59f348e234..aa48c269ea 100644
--- a/src/lib/libcrypto/pkcs7/pk7_lib.c
+++ b/src/lib/libcrypto/pkcs7/pk7_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pk7_lib.c,v 1.28 2023/11/09 19:08:07 tb Exp $ */
+/* $OpenBSD: pk7_lib.c,v 1.29 2024/12/05 07:35:46 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -70,13 +70,17 @@ long
 PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
 {
 	int nid;
-	long ret;
+	long ret = 0;
 
 	nid = OBJ_obj2nid(p7->type);
 
 	switch (cmd) {
 	case PKCS7_OP_SET_DETACHED_SIGNATURE:
 		if (nid == NID_pkcs7_signed) {
+			if (p7->d.sign == NULL) {
+				PKCS7error(PKCS7_R_NO_CONTENT);
+				break;
+			}
 			ret = p7->detached = (int)larg;
 			if (ret && PKCS7_type_is_data(p7->d.sign->contents)) {
 				ASN1_OCTET_STRING *os;
@@ -91,7 +95,7 @@ PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
 		break;
 	case PKCS7_OP_GET_DETACHED_SIGNATURE:
 		if (nid == NID_pkcs7_signed) {
-			if (!p7->d.sign  || !p7->d.sign->contents->d.ptr)
+			if (p7->d.sign  || !p7->d.sign->contents->d.ptr)
 				ret = 1;
 			else
 				ret = 0;
-- 
cgit v1.2.3-55-g6feb