EVP_DigestUpdate(): Check if ctx->update is set

The issue has been discovered by libFuzzer running on provider target. There are currently three distinct reports which are addressed by code change here. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69236#c1 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69243#c1 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69261#c1 the issue has been introduced with openssl 3.0. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24753)
author: sashan <anedvedicky@gmail.com> 2024-06-27 16:31:41 +0200
committer: Tomas Mraz <tomas@openssl.org> 2024-07-11 21:48:56 +0200
commit: ad33d62396b7e9db04fdf060481ced394d391688 (patch)
tree: 5ee41ee7df5f674d9efbe0cb2ecc01fdae1ca736 /crypto
parent: 939dd479ac2c819da6cee21d00a21bfdb28d6eb2 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 4c61ca4c42..18a64329b7 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -425,7 +425,7 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
 
     /* Code below to be removed when legacy support is dropped. */
  legacy:
-    return ctx->update(ctx, data, count);
+    return ctx->update != NULL ? ctx->update(ctx, data, count) : 0;
 }
 
 /* The caller can assume that this removes any secret data from the context */
author	sashan <anedvedicky@gmail.com>	2024-06-27 16:31:41 +0200
committer	Tomas Mraz <tomas@openssl.org>	2024-07-11 21:48:56 +0200
commit	ad33d62396b7e9db04fdf060481ced394d391688 (patch)
tree	5ee41ee7df5f674d9efbe0cb2ecc01fdae1ca736 /crypto
parent	939dd479ac2c819da6cee21d00a21bfdb28d6eb2 (diff)