Enhance checks for OpenSSL #40579

Alami-Amine · 2025-08-14T08:54:33Z

Summary

Cherrypick of Enhance checks for OpenSSL #40577

Testing

CI Testing

gemini-code-assist

Code Review

This pull request enhances the robustness of the OpenSSL certificate format verification by adding null pointer checks for the Subject Key Identifier (SKID) and Authority Key Identifier (AKID). The previous implementation could lead to a null pointer dereference and a potential crash if these optional extensions were not present in a certificate. The added checks correctly handle this case by verifying the pointers are not null before accessing their members. The change is correct and improves the stability of the code. I have no further comments.

Enhance checks for OpenSSL

7c15085

github-actions bot added the crypto label Aug 14, 2025

gemini-code-assist bot reviewed Aug 14, 2025

View reviewed changes

Alami-Amine changed the title ~~Enhance checks for OpenSSL~~ [DRAFT] Testing do not merge Aug 14, 2025

Alami-Amine marked this pull request as draft August 14, 2025 09:04

Alami-Amine marked this pull request as ready for review August 14, 2025 13:13

Alami-Amine changed the title ~~[DRAFT] Testing do not merge~~ Enhance checks for OpenSSL Aug 14, 2025

andy31415 approved these changes Aug 14, 2025

View reviewed changes

andy31415 merged commit 4ca7325 into project-chip:v1.3-branch Aug 14, 2025
60 of 67 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Enhance checks for OpenSSL #40579

Enhance checks for OpenSSL #40579

Uh oh!

Alami-Amine commented Aug 14, 2025

Uh oh!

gemini-code-assist bot left a comment

Uh oh!

Uh oh!

Uh oh!

Enhance checks for OpenSSL #40579

Enhance checks for OpenSSL #40579

Uh oh!

Conversation

Alami-Amine commented Aug 14, 2025

Summary

Testing

Uh oh!

gemini-code-assist bot left a comment

Choose a reason for hiding this comment

Code Review

Uh oh!

Uh oh!

Uh oh!