Ensure that get_sigtype always return non-NULL

There is a theoretical possibility that OpenSSL returns an NID that
OBJ_nid2sn cannot resolve and thus the function return NULL.

This is however extremely unlikely. But we still cover this case now
to make linters/code checker happy and avoid similar false positives
in the future.

Reported-by: Joshua Rogers <[email protected]>
Found-by: ZeroPath (https://zeropath.com/)
Change-Id: I70e221ff5d9752fec17bad18fd41dcf188ae8fbc
Signed-off-by: Arne Schwabe <[email protected]>
Acked-by: Gert Doering <[email protected]>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1325
Message-Id: <[email protected]>
URL: https://www.mail-archive.com/[email protected]/msg34060.html
Signed-off-by: Gert Doering <[email protected]>

Author: schwabe

src/openvpn/ssl_openssl.c

@@ -2408,7 +2408,17 @@ get_sigtype(int nid)
             return "(error getting name)";
 
         default:
-            return OBJ_nid2sn(nid);
+        {
+            const char *type = OBJ_nid2sn(nid);
+            if (!type)
+            {
+                /* This is unlikely to ever happen as OpenSSL is unlikely to
+                 * return an NID it cannot resolve itself but we silence
+                 * linter/code checkers here */
+                type = "(error getting name, OBJ_nid2sn failed)";
+            }
+            return type;
+        }
     }
 }
 #endif /* ifndef LIBRESSL_VERSION_NUMBER */