artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e4b6dfd) | patch
Fix various NULL dereferences in PKCS #12
authortb <tb@openbsd.org>
Thu, 25 Jan 2024 13:44:08 +0000 (13:44 +0000)
committertb <tb@openbsd.org>
Thu, 25 Jan 2024 13:44:08 +0000 (13:44 +0000)
commit5fd44ab703ab05845f5818cf1f0c04c2b623b883
tree252387ecb31324be172573c279aca0dfbd10c338tree | snapshot
parente4b6dfd5d051d26e64c697da2bebc924f093f928commit | diff
Fix various NULL dereferences in PKCS #12

The PKCS #7 ContentInfo has a mandatory contentType, but the content itself
is OPTIONAL. Various unpacking API assumed presence of the content type is
enough to access members of the content, resulting in crashes.

Reported by Bahaa Naamneh on libressl-security, many thanks

ok jsing
lib/libcrypto/pkcs12/p12_add.c diff | blob | history
lib/libcrypto/pkcs12/p12_mutl.c diff | blob | history
lib/libcrypto/pkcs12/pkcs12_local.h diff | blob | history
lib/libcrypto/pkcs7/pk7_doit.c diff | blob | history
lib/libcrypto/pkcs7/pk7_mime.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim