[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Dr. Stephen Henson
steve at openssl.org
Tue Feb 3 14:03:21 UTC 2015
The branch OpenSSL_1_0_2-stable has been updated
via f17a4ad7d7b5b6131f951409f7be79eaac62fd31 (commit)
from 79e028575541e8fb37fe4d0889c985b2db0b6011 (commit)
- Log -----------------------------------------------------------------
commit f17a4ad7d7b5b6131f951409f7be79eaac62fd31
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Sun Feb 1 13:06:32 2015 +0000
Check PKCS#8 pkey field is valid before cleansing.
PR:3683
Reviewed-by: Tim Hudson <tjh at openssl.org>
(cherry picked from commit 52e028b9de371da62c1e51b46592517b1068d770)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/p8_pkey.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c
index 9075483..0a425cd 100644
--- a/crypto/asn1/p8_pkey.c
+++ b/crypto/asn1/p8_pkey.c
@@ -69,7 +69,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
/* Since the structure must still be valid use ASN1_OP_FREE_PRE */
if (operation == ASN1_OP_FREE_PRE) {
PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
- if (key->pkey->value.octet_string)
+ if (key->pkey && key->pkey->type == V_ASN1_OCTET_STRING
+ && key->pkey->value.octet_string != NULL)
OPENSSL_cleanse(key->pkey->value.octet_string->data,
key->pkey->value.octet_string->length);
}
More information about the openssl-commits
mailing list