projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5a49001) | patch
Don't try and verify signatures if key is NULL (CVE-2013-0166)
authorDr. Stephen Henson <steve@openssl.org>
Thu, 24 Jan 2013 13:30:42 +0000 (13:30 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 1 Apr 2014 15:37:51 +0000 (16:37 +0100)
commitb48310627d1fdc58f64ccf208ac82c732e654dca
tree918e679e429cdad1bdd908291ac8fd16310f3bfftree | snapshot
parent5a49001bde4e0cf8e34da55a9cfe9b5255275e10commit | diff
Don't try and verify signatures if key is NULL (CVE-2013-0166)
Add additional check to catch this in ASN1_item_verify too.
(cherry picked from commit 66e8211c0b1347970096e04b18aa52567c325200)
CHANGES diff | blob | history
crypto/asn1/a_verify.c diff | blob | history
crypto/ocsp/ocsp_vfy.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.