fixed core dump issue where AuthSSL::VerifySignBin() is called with NULL parameters. Still, this should not happen.

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@1624 b45a01b8-16f6-495d-af2f-9b41ad6348cc
2024-10-01 02:35:48 -04:00 · 2009-09-09 11:22:44 +00:00 · 2009-09-09 11:22:44 +00:00 · 64a06fd0bb
commit 64a06fd0bb
parent 3b3c7c7ba4
1 changed files with 10 additions and 0 deletions
--- a/libretroshare/src/pqi/authssl.cc
+++ b/libretroshare/src/pqi/authssl.cc
@ -1217,6 +1217,10 @@ bool AuthSSL::VerifySignBin(std::string pid,
 	}

 	EVP_PKEY *peerkey = peer->certificate->cert_info->key->pkey;
+
+	if(peerkey == NULL)
+		return false ;
+
 	EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
 	
 	if (0 == EVP_VerifyInit(mdctx, EVP_sha1()))
@ -1235,6 +1239,12 @@ bool AuthSSL::VerifySignBin(std::string pid,
 		return false;
 	}

+	if(signlen == 0 || sign == NULL)
+	{
+		EVP_MD_CTX_destroy(mdctx);
+		return false ;
+	}
+
 	if (0 == EVP_VerifyFinal(mdctx, sign, signlen, peerkey))
 	{
 		std::cerr << "EVP_VerifyFinal Failure!" << std::endl;