ensure the pointer is valid before using it
diff --git a/apps/ts.c b/apps/ts.c index 0083f9a..f092336 100644 --- a/apps/ts.c +++ b/apps/ts.c
@@ -1041,6 +1041,8 @@ if (!(request = d2i_TS_REQ_bio(input, NULL))) goto err; if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL))) goto err; } + else + return NULL; /* Add the signature verification flag and arguments. */ ctx->flags |= TS_VFY_SIGNATURE;
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c index b79685e..5a3c3d1 100644 --- a/crypto/bn/bntest.c +++ b/crypto/bn/bntest.c
@@ -732,6 +732,8 @@ BN_init(&n); mont=BN_MONT_CTX_new(); + if (mont == NULL) + return 0; BN_bntest_rand(&a,100,0,0); /**/ BN_bntest_rand(&b,100,0,0); /**/
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c index 30b6498..0c8e636 100644 --- a/crypto/ts/ts_rsp_sign.c +++ b/crypto/ts/ts_rsp_sign.c
@@ -466,18 +466,21 @@ if (!result) { TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR); - TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION, - "Error during response " - "generation."); - /* Check if the status info was set. */ - if (ctx->response - && ASN1_INTEGER_get( - TS_RESP_get_status_info(ctx->response)->status) - == TS_STATUS_GRANTED) + if (ctx != NULL) { - /* Status info wasn't set, don't return a response. */ - TS_RESP_free(ctx->response); - ctx->response = NULL; + TS_RESP_CTX_set_status_info_cond(ctx, + TS_STATUS_REJECTION, "Error during response " + "generation."); + /* Check if the status info was set. */ + if (ctx->response && ASN1_INTEGER_get( + TS_RESP_get_status_info(ctx->response)->status) + == TS_STATUS_GRANTED) + { + /* Status info wasn't set, don't + * return a response. */ + TS_RESP_free(ctx->response); + ctx->response = NULL; + } } } response = ctx->response; @@ -567,13 +570,18 @@ return 1; } -/* Returns the TSA policy based on the rqeuested and acceptable policies. */ +/* Returns the TSA policy based on the requested and acceptable policies. */ static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx) { ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request); ASN1_OBJECT *policy = NULL; int i; + if (ctx->default_policy == NULL) + { + TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER); + return NULL; + } /* Return the default policy if none is requested or the default is requested. */ if (!requested || !OBJ_cmp(requested, ctx->default_policy))