From d5c7252d04326681bc8375a9c8c52e5c65160394 Mon Sep 17 00:00:00 2001
From: Shubham Mittal <107728331+smittals2@users.noreply.github.com>
Date: Tue, 5 Nov 2024 12:54:19 -0800
Subject: [PATCH] Coverity Fix Null Check (#1965)

`X509_ATTRIBUTE_count` dereferences `a` without a NULL check, added it
in.

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license and the ISC license.
---
 crypto/x509/x509_att.c | 3 +++
 include/openssl/x509.h | 3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c
index e3d0c6a595..627bd5a706 100644
--- a/crypto/x509/x509_att.c
+++ b/crypto/x509/x509_att.c
@@ -192,6 +192,9 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
 }
 
 int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr) {
+  if (attr == NULL) {
+    return 0;
+  }
   return (int)sk_ASN1_TYPE_num(attr->set);
 }
 
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 624b94007c..eb9fc24434 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -2272,7 +2272,8 @@ OPENSSL_EXPORT int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
 OPENSSL_EXPORT void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
                                               int attrtype, void *unused);
 
-// X509_ATTRIBUTE_count returns the number of values in |attr|.
+// X509_ATTRIBUTE_count returns the number of values in |attr| or 0 if |attr|
+// is NULL.
 OPENSSL_EXPORT int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr);
 
 // X509_ATTRIBUTE_get0_object returns the type of |attr|.