28572d0edb
Upstream commits: 3d770c6, 262d98f
30 lines
967 B
Diff
30 lines
967 B
Diff
From af3b3835bcdb7e2d7a4f14e077fecb5e472f11ba Mon Sep 17 00:00:00 2001
|
|
From: Sergio Correia <scorreia@redhat.com>
|
|
Date: Thu, 20 May 2021 10:31:25 -0300
|
|
Subject: [PATCH 2/2] Fix possible NULL pointer dereference in find_by_thp()
|
|
|
|
jwk_thumbprint() might return NULL, so let's make sure we handle that
|
|
case.
|
|
|
|
Issue pointed out by gcc static analyzer.
|
|
---
|
|
src/keys.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/keys.c b/src/keys.c
|
|
index 5a8c1ac..55d0cff 100644
|
|
--- a/src/keys.c
|
|
+++ b/src/keys.c
|
|
@@ -263,7 +263,7 @@ find_by_thp(struct tang_keys_info* tki, const char* target)
|
|
json_array_foreach(keys, idx, jwk) {
|
|
for (int i = 0; hashes[i]; i++) {
|
|
__attribute__ ((__cleanup__(cleanup_str))) char* thumbprint = jwk_thumbprint(jwk, hashes[i]);
|
|
- if (strcmp(thumbprint, target) != 0) {
|
|
+ if (!thumbprint || strcmp(thumbprint, target) != 0) {
|
|
continue;
|
|
}
|
|
|
|
--
|
|
2.31.1
|
|
|