diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-02-01 13:06:32 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-02-03 13:58:14 +0000 |
commit | 52e028b9de371da62c1e51b46592517b1068d770 (patch) | |
tree | 2119f5bb2b9adfe72b70c8b6733418a53aeaf9dd /crypto/asn1/p8_pkey.c | |
parent | c303d4d8686b9b46b5d85acdd94ec896433b813f (diff) | |
download | openssl-new-52e028b9de371da62c1e51b46592517b1068d770.tar.gz |
Check PKCS#8 pkey field is valid before cleansing.
PR:3683
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'crypto/asn1/p8_pkey.c')
-rw-r--r-- | crypto/asn1/p8_pkey.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c index 90754831f2..0a425cd29d 100644 --- a/crypto/asn1/p8_pkey.c +++ b/crypto/asn1/p8_pkey.c @@ -69,7 +69,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, /* Since the structure must still be valid use ASN1_OP_FREE_PRE */ if (operation == ASN1_OP_FREE_PRE) { PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; - if (key->pkey->value.octet_string) + if (key->pkey && key->pkey->type == V_ASN1_OCTET_STRING + && key->pkey->value.octet_string != NULL) OPENSSL_cleanse(key->pkey->value.octet_string->data, key->pkey->value.octet_string->length); } |