Fix NULL dereference from EVP_MD_fetch() on OpenSSL 3.x#187
Draft
toddr-bot wants to merge 1 commit into
Draft
Conversation
…ence On OpenSSL 3.x, EVP_MD_fetch() can return NULL when a digest algorithm is recognized but not available at runtime (e.g., ripemd160 or whirlpool when the legacy provider is not loaded). Previously, get_md_bynid() passed this NULL directly to callers, leading to undefined behavior in EVP_Digest() or cryptic error messages. Refactors the function to use a name lookup + single fetch + explicit NULL check with a clear error message indicating the likely cause. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
timlegge
reviewed
May 28, 2026
| default: | ||
| croak("Unknown digest hash mode %u", hash_method); | ||
| break; | ||
| return NULL; |
Member
There was a problem hiding this comment.
@toddr-bot do we need the return NULL here considering the croak?
timlegge
reviewed
May 28, 2026
Member
timlegge
left a comment
timlegge
left a comment
There was a problem hiding this comment.
a question about the need for the return NULL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Checks the return value of
EVP_MD_fetch()inget_md_bynid()and croaks with a clear error message instead of passing NULL downstream.Why
On OpenSSL 3.x, digest algorithms like ripemd160 and whirlpool live in the "legacy" provider, which may not be loaded at runtime. When
EVP_MD_fetch()returns NULL for an unavailable algorithm, the NULL was passed directly toEVP_Digest(), causing undefined behavior or cryptic errors.How
Refactored
get_md_bynid()from per-case return statements to a name lookup + singleEVP_MD_fetch()+ explicit NULL check. On failure, croaks with:"Digest algorithm '%s' is not available (you may need to load the legacy provider)".This also simplifies the function (18 insertions, 25 deletions) by eliminating the redundant
EVP_MD_fetch(NULL, ..., NULL); break;pattern repeated 6-8 times.Testing
Full test suite passes (667 tests). The fix only changes behavior when an algorithm is unavailable, which doesn't occur in standard CI environments.
🤖 Generated with Claude Code
Quality Report
Changes: 1 file changed, 18 insertions(+), 25 deletions(-)
Code scan: clean
Tests: passed (OK)
Branch hygiene: clean
Generated by Kōan post-mission quality pipeline