Commit 70837aa238 for openssl.org

commit 70837aa2385bc83226375d74f02fe5c03a3e0d21
Author: Weidong Wang <kenazcharisma@gmail.com>
Date:   Tue Mar 10 12:15:22 2026 -0500

    pkcs7: fix NULL contents dereference in PKCS7_dataFinal

    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
    Reviewed-by: Neil Horman <nhorman@openssl.org>
    MergeDate: Tue Mar 17 17:01:53 2026
    (Merged from https://github.com/openssl/openssl/pull/30351)

diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 8987cf90b6..28d43dfaf6 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -802,6 +802,10 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
         break;
     case NID_pkcs7_signed:
         si_sk = p7->d.sign->signer_info;
+        if (p7->d.sign->contents == NULL) {
+            ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
+            goto err;
+        }
         os = PKCS7_get_octet_string(p7->d.sign->contents);
         /* If detached data then the content is excluded */
         if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
@@ -812,6 +816,10 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
         break;

     case NID_pkcs7_digest:
+        if (p7->d.digest->contents == NULL) {
+            ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
+            goto err;
+        }
         os = PKCS7_get_octet_string(p7->d.digest->contents);
         /* If detached data then the content is excluded */
         if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {