From af3b3835bcdb7e2d7a4f14e077fecb5e472f11ba Mon Sep 17 00:00:00 2001
From: Sergio Correia
Date: Thu, 20 May 2021 10:31:25 -0300
Subject: [PATCH 2/2] Fix possible NULL pointer dereference in find_by_thp()

jwk_thumbprint() might return NULL, so let's make sure we handle that case. Issue pointed out by gcc static analyzer.
---
 src/keys.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/keys.c b/src/keys.c
index 5a8c1ac..55d0cff 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -263,7 +263,7 @@ find_by_thp(struct tang_keys_info* tki, const char* target)
 json_array_foreach(keys, idx, jwk) {
 for (int i = 0; hashes[i]; i++) {
 __attribute__ ((__cleanup__(cleanup_str))) char* thumbprint = jwk_thumbprint(jwk, hashes[i]);
- if (strcmp(thumbprint, target) != 0) {
+ if (!thumbprint || strcmp(thumbprint, target) != 0) {
 continue;
 }
--
2.31.1
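Review bot: The added `!thumbprint` test in the inner loop sends a failed jwk_thumbprint() down the same `continue` as an ordinary mismatch, so a hashing or allocation failure is indistinguishable from "no key with this thumbprint". If callers turn a NULL result from find_by_thp() into a not-found answer, a transient failure would be reported as a missing key. I would separate the two cases, `if (!thumbprint) { /* thumbprint computation failed for this hash; skip it */ continue; }`, and log the failure if a logging helper is available in this file. `target` is also passed to strcmp() without a NULL check in the visible lines. The function body starts and ends outside the hunk, so it may be validated earlier, but that is worth confirming.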