diff options
author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2022-12-01 16:27:53 -0500 |
---|---|---|
committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2022-12-01 16:36:58 -0500 |
commit | 3ab84464216227239c2500f4053f43ebd5dd6b66 (patch) | |
tree | 13fe65af8be9ab81663f66498f60d3a3d8e32c2b | |
parent | b29730578bc1cf072953e4ace0492d916588eaeb (diff) | |
download | openssl_tpm2_engine-3ab84464216227239c2500f4053f43ebd5dd6b66.tar.gz |
unseal_tpm2_key: fix seg fault if key unsealing fails
In some circumstances, key unsealing leads to a segmentation fault on
failure. The problem is that unseal_tpm2_key passes a NULL ppkey
value into tpm2_load_engine_file() because it doesn't want an EVP_PKEY
returned. However, there's an error leg in this function that tries
to set this to NULL even if no ppkey was passed in (and thus
segfaults).
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
-rw-r--r-- | tpm2-common.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/tpm2-common.c b/tpm2-common.c index ea48d45..ef7008a 100644 --- a/tpm2-common.c +++ b/tpm2-common.c @@ -1578,7 +1578,8 @@ int tpm2_load_engine_file(const char *filename, struct app_data **app_data, if (ppkey) EVP_PKEY_free(*ppkey); err_free: - *ppkey = NULL; + if (ppkey) + *ppkey = NULL; tpm2_delete(ad); err: |