Google Git
Sign in
boringssl/boringssl/d3a5b87aed103460a12dc2ca29ce4ae94733b304^!/.
commit
d3a5b87aed103460a12dc2ca29ce4ae94733b304
[log]
author
Adam Langley <alangley@gmail.com>
Tue Aug 11 16:20:14 2020 -0700
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Wed Aug 12 15:14:38 2020 +0000
tree
6b3eafcbdc1ccfec7b38cf817fcebb7843241915
parent
a0b49d63fdc33e54eac93674c86891d15d181d87 [diff]
Handle NULL arguments in some i2d_* functions.

Prior to 5d7c2f8b1d, these i2d functions would fail, rather than crash,
if passed a NULL argument. While we don't generally have much truck with
the idea that functions should be expected to handle NULL arguments
where not documented, it seems that a fair amount of code is depending
on this.

Change-Id: I928b35533aa2a7beed57d7f58ba44681a8eb05c6
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/42464
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/crypto/evp/evp_asn1.c b/crypto/evp/evp_asn1.c
index 4d13d59..2f3e115 100644
--- a/crypto/evp/evp_asn1.c
+++ b/crypto/evp/evp_asn1.c

@@ -407,6 +407,10 @@
 }
 
 int i2d_PUBKEY(const EVP_PKEY *pkey, uint8_t **outp) {
+  if (pkey == NULL) {
+    return 0;
+  }
+
   CBB cbb;
   if (!CBB_init(&cbb, 128) ||
       !EVP_marshal_public_key(&cbb, pkey)) {
@@ -440,6 +444,10 @@
 }
 
 int i2d_RSA_PUBKEY(const RSA *rsa, uint8_t **outp) {
+  if (rsa == NULL) {
+    return 0;
+  }
+
   int ret = -1;
   EVP_PKEY *pkey = EVP_PKEY_new();
   if (pkey == NULL ||
@@ -478,6 +486,10 @@
 }
 
 int i2d_DSA_PUBKEY(const DSA *dsa, uint8_t **outp) {
+  if (dsa == NULL) {
+    return 0;
+  }
+
   int ret = -1;
   EVP_PKEY *pkey = EVP_PKEY_new();
   if (pkey == NULL ||
@@ -516,6 +528,10 @@
 }
 
 int i2d_EC_PUBKEY(const EC_KEY *ec_key, uint8_t **outp) {
+  if (ec_key == NULL) {
+    return 0;
+  }
+
   int ret = -1;
   EVP_PKEY *pkey = EVP_PKEY_new();
   if (pkey == NULL ||