path: root/src
diff options
authorEdward Welbourne <>2017-08-07 12:49:59 +0200
committerTimur Pocheptsov <>2017-08-17 06:43:49 +0000
commitb9557296cb988c6007ed17f182a03c8205d5dffc (patch)
tree203b7122e931afcda46e4a057be1c4896b403e11 /src
parentd7db2b43596b9a51017546eb1c6e2c4e30a0041e (diff)
Fix crash when reading a PKCS12 file with no private key
The only reason our code wants PKCS12 files is for a private key, but a valid file needn't contain one; and reading a file without lead to a crash in QSslKeyPrivate::fromEVP_PKEY(). So check for missing key and fail the load, since the file is useless to us. Also ensure the caller's pkey is initialized, as we aren't promised that PKCS12_parse() will set it when there is no private key. Add a test for this case (it crashes without the fix) and update the instructions for how to generate test data to cover it also. (Corrected the wording there, too; at the interactive prompt, "providing no password" really provides an empty password.) Task-number: QTBUG-62335 Change-Id: I617508b903f6d9dee40d539b7136b0be8bc2c747 Reviewed-by: Timur Pocheptsov <>
Diffstat (limited to 'src')
2 files changed, 4 insertions, 1 deletions
diff --git a/src/network/ssl/qsslkey_openssl.cpp b/src/network/ssl/qsslkey_openssl.cpp
index 79df33ecca..26119023d1 100644
--- a/src/network/ssl/qsslkey_openssl.cpp
+++ b/src/network/ssl/qsslkey_openssl.cpp
@@ -84,6 +84,9 @@ void QSslKeyPrivate::clear(bool deep)
bool QSslKeyPrivate::fromEVP_PKEY(EVP_PKEY *pkey)
+ if (pkey == nullptr)
+ return false;
if (pkey->type == EVP_PKEY_RSA) {
isNull = false;
algorithm = QSsl::Rsa;
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 644dfdb6a8..ab82cdcfc9 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -1805,7 +1805,7 @@ bool QSslSocketBackendPrivate::importPkcs12(QIODevice *device,
// Extract the data
- EVP_PKEY *pkey;
+ EVP_PKEY *pkey = nullptr;
X509 *x509;
STACK_OF(X509) *ca = 0;