projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9601413) | patch
Add NULL checks where ContentInfo data can be NULL
authorMatt Caswell <matt@openssl.org>
Fri, 19 Jan 2024 11:28:58 +0000 (11:28 +0000)
committerMatt Caswell <matt@openssl.org>
Thu, 25 Jan 2024 15:31:57 +0000 (15:31 +0000)
commitd135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
tree03abf30fa0c4410ecee951f25d0f02ed8dd4b305tree | snapshot
parent96014134630799ee5879ed94b6450e860ba4ebfecommit | diff
Add NULL checks where ContentInfo data can be NULL

PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23362)
crypto/pkcs12/p12_add.c diff | blob | history
crypto/pkcs12/p12_mutl.c diff | blob | history
crypto/pkcs12/p12_npas.c diff | blob | history
crypto/pkcs7/pk7_mime.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.