Overview

File CVE-2013-0166.patch of Package compat-openssl098.16428

Index: openssl-0.9.8j/crypto/asn1/a_verify.c
===================================================================
--- openssl-0.9.8j.orig/crypto/asn1/a_verify.c
+++ openssl-0.9.8j/crypto/asn1/a_verify.c
@@ -138,6 +138,11 @@ int ASN1_item_verify(const ASN1_ITEM *it
 	unsigned char *buf_in=NULL;
 	int ret= -1,i,inl;
 
+	if (!pkey){
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
+		return -1;
+	}
+
 	EVP_MD_CTX_init(&ctx);
 	i=OBJ_obj2nid(a->algorithm);
 	type=EVP_get_digestbyname(OBJ_nid2sn(i));
Index: openssl-0.9.8j/crypto/ocsp/ocsp_vfy.c
===================================================================
--- openssl-0.9.8j.orig/crypto/ocsp/ocsp_vfy.c
+++ openssl-0.9.8j/crypto/ocsp/ocsp_vfy.c
@@ -91,9 +91,11 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs
 		{
 		EVP_PKEY *skey;
 		skey = X509_get_pubkey(signer);
-		ret = OCSP_BASICRESP_verify(bs, skey, 0);
-		EVP_PKEY_free(skey);
-		if(ret <= 0)
+		if (skey){
+			ret = OCSP_BASICRESP_verify(bs, skey, 0);
+			EVP_PKEY_free(skey);
+			}
+		if (!skey || ret <= 0)
 			{
 			OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
 			goto end;
openSUSE Build Service is sponsored by
Places