Missing Null Checking after `HMAC_CTX_new` at crypto/pkcs12/p12_mutl.c

Hi,

Our code scanner has reported a potential null pointer dereference at [crypto/pkcs12/p12_mutl.c#L127](https://github.com/openssl/openssl/blob/1b8f19379a521ec11ce37e12316dd3edc0acfb82/crypto/pkcs12/p12_mutl.c#L127), we can see there are null checks in other places after calling `HMAC_CTX_new` but there is no one at here. Could anyone have a look and see if it needs a fix?

At line 127
```cpp   
    hmac = HMAC_CTX_new();         // potential null would be returned
    if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL)      // <= use of potential null
        || !HMAC_Update(hmac, p12->authsafes->d.data->data,   // <= use of potential null
                        p12->authsafes->d.data->length)
        || !HMAC_Final(hmac, mac, maclen)) {                  // <= use of potential null
        HMAC_CTX_free(hmac);
        return 0;
```

Regards,
SourceBrella Inc.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Missing Null Checking after `HMAC_CTX_new` at crypto/pkcs12/p12_mutl.c #4339

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Missing Null Checking after HMAC_CTX_new at crypto/pkcs12/p12_mutl.c #4339

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

Missing Null Checking after `HMAC_CTX_new` at crypto/pkcs12/p12_mutl.c #4339