Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Lack of nullptr check in src/crypto/crypto_context.cc NewRootCertStore #56694

Closed
wooffie opened this issue Jan 22, 2025 · 1 comment
Closed

Comments

@wooffie
Copy link
Contributor

wooffie commented Jan 22, 2025

Version

20.18.0

Platform

any

Subsystem

crypto

What steps will reproduce the bug?

In this function X509_STORE* store not checked for nullptr. It may cause null pointer dereference.

X509_STORE* store = X509_STORE_new();

How often does it reproduce? Is there a required condition?

X509_STORE_new returns null

What is the expected behavior? Why is that the expected behavior?

Checking result of X509_STORE_new against nullptr

What do you see instead?

Lack of check

Additional information

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Reporter: Burkov Egor ([email protected]).

Organization: R-Vision ([email protected]).

wooffie added a commit to wooffie/node that referenced this issue Jan 22, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: nodejs#56694
wooffie added a commit to wooffie/node that referenced this issue Jan 24, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: nodejs#56694
jasnell pushed a commit that referenced this issue Jan 26, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: #56694

PR-URL: #56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
@wooffie
Copy link
Contributor Author

wooffie commented Jan 27, 2025

Solved in #56700

@wooffie wooffie closed this as completed Jan 27, 2025
aduh95 pushed a commit that referenced this issue Jan 27, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: #56694

PR-URL: #56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this issue Jan 30, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: #56694

PR-URL: #56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
hvanness pushed a commit to hvanness/node that referenced this issue Jan 30, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: nodejs#56694

PR-URL: nodejs#56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this issue Jan 31, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: #56694

PR-URL: #56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this issue Feb 4, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: #56694

PR-URL: #56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this issue Feb 6, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: #56694

PR-URL: #56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
marco-ippolito pushed a commit that referenced this issue Mar 6, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: #56694

PR-URL: #56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
marco-ippolito pushed a commit that referenced this issue Mar 6, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: #56694

PR-URL: #56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
marco-ippolito pushed a commit that referenced this issue Mar 6, 2025
In openssl we should check result of X509_STORE_new() for nullptr
Refs: #56694

PR-URL: #56700
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant