[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

kaduk at mit.edu kaduk at mit.edu
Thu Mar 1 15:25:21 UTC 2018


The branch OpenSSL_1_1_0-stable has been updated
       via  ea8d9cec4739d6b06d25f3d01a1b7666d5a090ed (commit)
      from  fa9ab9ee91c28b755f8fc51d4c45042e6798ce6b (commit)


- Log -----------------------------------------------------------------
commit ea8d9cec4739d6b06d25f3d01a1b7666d5a090ed
Author: Brad Spencer <bspencer at blackberry.com>
Date:   Wed Dec 20 13:41:14 2017 -0400

    Test the result of CMS_RecipientInfo_ktri_get0_algs() before using its output in rsa_cms_encrypt().
    
    CLA: trivial
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/4966)
    
    (cherry picked from commit 178989b4a3ed714fa169cae5865c75f156ec9fdb)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rsa/rsa_ameth.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 5694140..8f7f8da 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -773,7 +773,8 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
     EVP_PKEY_CTX *pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
     int pad_mode = RSA_PKCS1_PADDING, rv = 0, labellen;
     unsigned char *label;
-    CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg);
+    if (CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg) <= 0)
+        return 0;
     if (pkctx) {
         if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
             return 0;


More information about the openssl-commits mailing list