Fix a possible NULL pointer dereference in create_cert_store()

In create_cert_store(), X509_STORE_new() is called and there is a dereference of it in following function X509_STORE_add_lookup() without check, which could lead to NULL pointer dereference. Fix this by adding a NULL check of X509_STORE_new() Reviewed-by: Shane Lontis <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from openssl#18057) (cherry picked from commit 3f07596)
webpanorg · Apr 21, 2022 · ea5ef33 · ea5ef33
1 parent caf7a9c
commit ea5ef33
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/apps/ts.c b/apps/ts.c
@@ -976,6 +976,10 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile,
     const char *propq = app_get0_propq();
 
     cert_ctx = X509_STORE_new();
+    if (cert_ctx == NULL) {
+        BIO_printf(bio_err, "memory allocation failure\n");
+        return NULL;
+    }
     X509_STORE_set_verify_cb(cert_ctx, verify_cb);
     if (CApath != NULL) {
         lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());