From 123db84b2c06cd16b07209d39535ec1a3ddaf503 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Tue, 28 May 2019 08:24:33 +0200 Subject: [PATCH] pki_crypto: Fix a possible null pointer dereference CID 1401438 CID 1401437 Signed-off-by: Andreas Schneider --- src/pki_crypto.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/src/pki_crypto.c b/src/pki_crypto.c index 0949bd96..b5d24b24 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -1370,14 +1370,19 @@ static ssh_string pki_dsa_signature_to_blob(const ssh_signature sig) ssh_string s = NULL; int s_len, s_offset_in, s_offset_out; - const unsigned char *raw_sig_data = ssh_string_data(sig->raw_sig); - size_t raw_sig_len = ssh_string_len(sig->raw_sig); + const unsigned char *raw_sig_data = NULL; + size_t raw_sig_len; DSA_SIG *dsa_sig; - if (sig == NULL || sig->raw_sig == NULL || raw_sig_data == NULL) { + if (sig == NULL || sig->raw_sig == NULL) { return NULL; } + raw_sig_data = ssh_string_data(sig->raw_sig); + if (raw_sig_data == NULL) { + return NULL; + } + raw_sig_len = ssh_string_len(sig->raw_sig); dsa_sig = d2i_DSA_SIG(NULL, &raw_sig_data, raw_sig_len); if (dsa_sig == NULL) { @@ -1444,16 +1449,21 @@ static ssh_string pki_ecdsa_signature_to_blob(const ssh_signature sig) const BIGNUM *pr = NULL, *ps = NULL; - const unsigned char *raw_sig_data = ssh_string_data(sig->raw_sig); - size_t raw_sig_len = ssh_string_len(sig->raw_sig); + const unsigned char *raw_sig_data = NULL; + size_t raw_sig_len; ECDSA_SIG *ecdsa_sig; int rc; - if (sig == NULL || sig->raw_sig == NULL || raw_sig_data == NULL) { + if (sig == NULL || sig->raw_sig == NULL) { return NULL; } + raw_sig_data = ssh_string_data(sig->raw_sig); + if (raw_sig_data == NULL) { + return NULL; + } + raw_sig_len = ssh_string_len(sig->raw_sig); ecdsa_sig = d2i_ECDSA_SIG(NULL, &raw_sig_data, raw_sig_len); if (ecdsa_sig == NULL) {