From 6441def3fd2a7a75fafa23e8539923c0aad9fad1 Mon Sep 17 00:00:00 2001 From: Jou Ho Date: Fri, 12 Jun 2026 21:39:07 +0000 Subject: [PATCH 1/3] fix: null-check cert_and_key fields in load helpers --- crypto/s2n_certificate.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/crypto/s2n_certificate.c b/crypto/s2n_certificate.c index 5167f9e6bc7..0b9dfefbd77 100644 --- a/crypto/s2n_certificate.c +++ b/crypto/s2n_certificate.c @@ -75,6 +75,8 @@ int s2n_create_cert_chain_from_stuffer(struct s2n_cert_chain *cert_chain_out, st int s2n_cert_chain_and_key_set_cert_chain_from_stuffer(struct s2n_cert_chain_and_key *cert_and_key, struct s2n_stuffer *chain_in_stuffer) { + POSIX_ENSURE_REF(cert_and_key); + POSIX_ENSURE_REF(cert_and_key->cert_chain); return s2n_create_cert_chain_from_stuffer(cert_and_key->cert_chain, chain_in_stuffer); } @@ -102,6 +104,9 @@ int s2n_cert_chain_and_key_set_cert_chain(struct s2n_cert_chain_and_key *cert_an int s2n_cert_chain_and_key_set_private_key_from_stuffer(struct s2n_cert_chain_and_key *cert_and_key, struct s2n_stuffer *key_in_stuffer, struct s2n_stuffer *key_out_stuffer) { + POSIX_ENSURE_REF(cert_and_key); + POSIX_ENSURE_REF(cert_and_key->private_key); + struct s2n_blob key_blob = { 0 }; POSIX_GUARD(s2n_pkey_zero_init(cert_and_key->private_key)); From 8e767d1ca3588345c6e62256705fb0ea2d6abaa7 Mon Sep 17 00:00:00 2001 From: Jou Ho Date: Fri, 12 Jun 2026 21:41:32 +0000 Subject: [PATCH 2/3] Revert "fix: null-check cert_and_key fields in load helpers" This reverts commit 6441def3fd2a7a75fafa23e8539923c0aad9fad1. --- crypto/s2n_certificate.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/crypto/s2n_certificate.c b/crypto/s2n_certificate.c index 0b9dfefbd77..5167f9e6bc7 100644 --- a/crypto/s2n_certificate.c +++ b/crypto/s2n_certificate.c @@ -75,8 +75,6 @@ int s2n_create_cert_chain_from_stuffer(struct s2n_cert_chain *cert_chain_out, st int s2n_cert_chain_and_key_set_cert_chain_from_stuffer(struct s2n_cert_chain_and_key *cert_and_key, struct s2n_stuffer *chain_in_stuffer) { - POSIX_ENSURE_REF(cert_and_key); - POSIX_ENSURE_REF(cert_and_key->cert_chain); return s2n_create_cert_chain_from_stuffer(cert_and_key->cert_chain, chain_in_stuffer); } @@ -104,9 +102,6 @@ int s2n_cert_chain_and_key_set_cert_chain(struct s2n_cert_chain_and_key *cert_an int s2n_cert_chain_and_key_set_private_key_from_stuffer(struct s2n_cert_chain_and_key *cert_and_key, struct s2n_stuffer *key_in_stuffer, struct s2n_stuffer *key_out_stuffer) { - POSIX_ENSURE_REF(cert_and_key); - POSIX_ENSURE_REF(cert_and_key->private_key); - struct s2n_blob key_blob = { 0 }; POSIX_GUARD(s2n_pkey_zero_init(cert_and_key->private_key)); From 1c807fcff835c20f886777f09f1191f74bce2918 Mon Sep 17 00:00:00 2001 From: Jou Ho Date: Fri, 12 Jun 2026 21:44:14 +0000 Subject: [PATCH 3/3] fix: null-check cert_and_key fields in load helpers --- crypto/s2n_certificate.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/crypto/s2n_certificate.c b/crypto/s2n_certificate.c index 5167f9e6bc7..0b9dfefbd77 100644 --- a/crypto/s2n_certificate.c +++ b/crypto/s2n_certificate.c @@ -75,6 +75,8 @@ int s2n_create_cert_chain_from_stuffer(struct s2n_cert_chain *cert_chain_out, st int s2n_cert_chain_and_key_set_cert_chain_from_stuffer(struct s2n_cert_chain_and_key *cert_and_key, struct s2n_stuffer *chain_in_stuffer) { + POSIX_ENSURE_REF(cert_and_key); + POSIX_ENSURE_REF(cert_and_key->cert_chain); return s2n_create_cert_chain_from_stuffer(cert_and_key->cert_chain, chain_in_stuffer); } @@ -102,6 +104,9 @@ int s2n_cert_chain_and_key_set_cert_chain(struct s2n_cert_chain_and_key *cert_an int s2n_cert_chain_and_key_set_private_key_from_stuffer(struct s2n_cert_chain_and_key *cert_and_key, struct s2n_stuffer *key_in_stuffer, struct s2n_stuffer *key_out_stuffer) { + POSIX_ENSURE_REF(cert_and_key); + POSIX_ENSURE_REF(cert_and_key->private_key); + struct s2n_blob key_blob = { 0 }; POSIX_GUARD(s2n_pkey_zero_init(cert_and_key->private_key));