Don't write out a bad OID

If we don't have OID data for an object then we should fail if we are asked to encode the ASN.1 for that OID. Fixes #5723 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5725)
2025-05-21 05:49:41 +00:00 · 2018-03-22 14:33:05 +00:00 · 2018-03-22 14:33:05 +00:00 · 53c9818e97
commit 53c9818e97
parent f6c024c2e7
1 changed files with 2 additions and 0 deletions
--- a/crypto/asn1/tasn_enc.c
+++ b/crypto/asn1/tasn_enc.c
@ -528,6 +528,8 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
        otmp = (ASN1_OBJECT *)*pval;
        cont = otmp->data;
        len = otmp->length;
+        if (cont == NULL || len == 0)
+            return -1;
        break;

    case V_ASN1_NULL: