openssl(1) pkcs7 avoid crash on malformed files
authortb <tb@openbsd.org>
Wed, 8 Feb 2023 07:59:24 +0000 (07:59 +0000)
committertb <tb@openbsd.org>
Wed, 8 Feb 2023 07:59:24 +0000 (07:59 +0000)
When printing certificates or CRLs, check signed and signedAndEnveloped
before dereferencing them. Prevents crash on inspecting malformed PKCS7
files.

ok jsing

usr.bin/openssl/pkcs7.c

index 4f0c529..b0acf3f 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkcs7.c,v 1.12 2022/11/11 17:07:39 joshua Exp $ */
+/* $OpenBSD: pkcs7.c,v 1.13 2023/02/08 07:59:24 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -216,12 +216,16 @@ pkcs7_main(int argc, char **argv)
                i = OBJ_obj2nid(p7->type);
                switch (i) {
                case NID_pkcs7_signed:
-                       certs = p7->d.sign->cert;
-                       crls = p7->d.sign->crl;
+                       if (p7->d.sign != NULL) {
+                               certs = p7->d.sign->cert;
+                               crls = p7->d.sign->crl;
+                       }
                        break;
                case NID_pkcs7_signedAndEnveloped:
-                       certs = p7->d.signed_and_enveloped->cert;
-                       crls = p7->d.signed_and_enveloped->crl;
+                       if (p7->d.signed_and_enveloped != NULL) {
+                               certs = p7->d.signed_and_enveloped->cert;
+                               crls = p7->d.signed_and_enveloped->crl;
+                       }
                        break;
                default:
                        break;
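Review bot: Both new guards, in the `NID_pkcs7_signed` and `NID_pkcs7_signedAndEnveloped` cases, skip a NULL content pointer silently, so a malformed file looks the same to the caller as a well-formed one that carries no certificates or CRLs. The guards are only safe if `certs` and `crls` are initialised to NULL before the `switch` and NULL-checked after it; both the declarations and the later use lie outside this hunk, so that is worth confirming. I would add a short comment in each branch, for example `/* content missing in malformed input: leave certs/crls NULL */`. Consider also whether this path should print a diagnostic to stderr and return a non-zero exit status, so that scripts inspecting untrusted PKCS7 files can tell the two cases apart.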