PEM_read_PUBKEY does memory corruption on malformed input - security issue?
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Oct 11 17:57:17 UTC 2023
On Wed, Oct 11, 2023 at 07:19:36PM +0200, Sascha Dierberg wrote:
> Thanks for the reply, see https://github.com/openssl/openssl/issues/22349
> too.
The reported problem is not reproducible in OpenSSL. Any memory
corruption issue is highly likely to be some logic error in the
application.
It also seems rather likely that reading malformed (e.g., as in this
case,truncated) PEM objects is not that uncommon, and any issues in the
error path would have surfaced multiple times before. Occam's razor, in
this case, strongly favours the calling code rather than OpenSSL.
--
Viktor.
More information about the openssl-users
mailing list