You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The EVP_PKEY_set1_RSA function sets an RSA key into an EVP_PKEY structure. It increments the reference counter of the RSA key, which means that after calling EVP_PKEY_set1_RSA, the rsa object must be freed with RSA_free only once.
result is created with EVP_PKEY_new(), but is not checked for nullptr after creation. However, if creation of result fails, it will be nullptr.
To prevent possible nullptr dereference, it is necessary to add a check for result immediately after its creation.
The text was updated successfully, but these errors were encountered:
File: https://github.com/grpc/grpc/blob/v1.66.1/src/core/lib/security/credentials/jwt/jwt_verifier.cc
Line: 568
The EVP_PKEY_set1_RSA function sets an RSA key into an EVP_PKEY structure. It increments the reference counter of the RSA key, which means that after calling EVP_PKEY_set1_RSA, the rsa object must be freed with RSA_free only once.
result is created with EVP_PKEY_new(), but is not checked for nullptr after creation. However, if creation of result fails, it will be nullptr.
To prevent possible nullptr dereference, it is necessary to add a check for result immediately after its creation.
The text was updated successfully, but these errors were encountered: