[tor-commits] [tor/master] Fix a coverity NULL-pointer deref warning in the tortls tests.

[nickm at torproject.org]

commit 6b5b1a02d46f761b691527c8e3c9a2ad08b0c3a5
Author: Nick Mathewson <nickm at torproject.org>
Date:   Fri Dec 18 10:25:15 2015 -0500

    Fix a coverity NULL-pointer deref warning in the tortls tests.
    
    Also, make our cert validation code more NULL-resistant.
    
    This is CID 1327891.
---
 src/common/tortls.c    |    2 +-
 src/test/test_tortls.c |    5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index a1facec..5e0c970 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -884,7 +884,7 @@ tor_tls_cert_is_valid(int severity,
   EVP_PKEY *cert_key;
   int r, key_ok = 0;
 
-  if (!signing_cert)
+  if (!signing_cert || !cert)
     goto bad;
 
   EVP_PKEY *signing_key = X509_get_pubkey(signing_cert->cert);
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index 709c8db..add020e 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -2680,7 +2680,12 @@ test_tortls_cert_is_valid(void *ignored)
   scert = tor_malloc_zero(sizeof(tor_x509_cert_t));
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0);
   tt_int_op(ret, OP_EQ, 0);
+
+  cert = tor_malloc_zero(sizeof(tor_x509_cert_t));
+  ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0);
+  tt_int_op(ret, OP_EQ, 0);
   tor_free(scert);
+  tor_free(cert);
 
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));