Check PKCS#8 pkey field is valid before cleansing.

PR:3683 Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 52e028b9de371da62c1e51b46592517b1068d770)
author: Dr. Stephen Henson <steve@openssl.org> 2015-02-01 13:06:32 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2015-02-03 14:02:25 +0000
commit: 6b7c68e0388e499a1c2846131fca7ffd7b3fa78f (patch)
tree: f8dab392dd43f280d9030ed5a9268aae82a930d2
parent: 81ce20e6ac1d3298bfff8bd059007968f05115e0 (diff)
download: openssl-new-6b7c68e0388e499a1c2846131fca7ffd7b3fa78f.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c
index 90754831f2..0a425cd29d 100644
--- a/crypto/asn1/p8_pkey.c
+++ b/crypto/asn1/p8_pkey.c
@@ -69,7 +69,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
     /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
     if (operation == ASN1_OP_FREE_PRE) {
         PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
-        if (key->pkey->value.octet_string)
+        if (key->pkey && key->pkey->type == V_ASN1_OCTET_STRING
+            && key->pkey->value.octet_string != NULL)
             OPENSSL_cleanse(key->pkey->value.octet_string->data,
                             key->pkey->value.octet_string->length);
     }
author	Dr. Stephen Henson <steve@openssl.org>	2015-02-01 13:06:32 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2015-02-03 14:02:25 +0000
commit	6b7c68e0388e499a1c2846131fca7ffd7b3fa78f (patch)
tree	f8dab392dd43f280d9030ed5a9268aae82a930d2
parent	81ce20e6ac1d3298bfff8bd059007968f05115e0 (diff)
download	openssl-new-6b7c68e0388e499a1c2846131fca7ffd7b3fa78f.tar.gz