Overview

File CVE-2012-0027.patch of Package openssl.444

Index: openssl-1.0.0c/engines/ccgost/gost2001_keyx.c
===================================================================
--- openssl-1.0.0c.orig/engines/ccgost/gost2001_keyx.c
+++ openssl-1.0.0c/engines/ccgost/gost2001_keyx.c
@@ -280,6 +280,10 @@ int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *
 		}
 		
 	param = get_encryption_params(gkt->key_agreement_info->cipher);
+        if(!param){
+          goto err;
+        }
+
 	gost_init(&ctx,param->sblock);	
 	OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8);
 	memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8);
Index: openssl-1.0.0c/engines/ccgost/gost94_keyx.c
===================================================================
--- openssl-1.0.0c.orig/engines/ccgost/gost94_keyx.c
+++ openssl-1.0.0c/engines/ccgost/gost94_keyx.c
@@ -261,6 +261,10 @@ int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *
 		}
 
 	param = get_encryption_params(gkt->key_agreement_info->cipher);
+        if(!param){
+          goto err;
+        }
+
 	gost_init(&cctx,param->sblock);	
 	OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8);
 	memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8);
openSUSE Build Service is sponsored by
Places