dereference before NULL check

g-coder · g-coder · commit 60aa4d000cbe · 2015-11-10T13:33:00.000+05:30
In tools/output.c
Pointer 'output-&gt;hash' which was dereferenced at #302 is compared to NULL value at #304.

If output-&gt;hash is NULL then derefrencing it tries to read data from invalid location. Running program with NULL pointer will crash the system.

Solution:
Check output-&gt;hash for NULL value before dereferencing it.
place assert(output-&gt;hash); before TEMP_ALLOC at #302.
diff --git a/tools/output.c b/tools/output.c
@@ -290,10 +290,11 @@ void
 sexp_put_digest(struct sexp_output *output)
 {
   TMP_DECL(digest, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
-  TMP_ALLOC(digest, output->hash->digest_size);
   
   assert(output->hash);
-
+  
+  TMP_ALLOC(digest, output->hash->digest_size);
+  
   output->hash->digest(output->ctx, output->hash->digest_size, digest);
 
   sexp_put_code_start(output, &nettle_base16);
