[openssl/openssl] b1ce6a: Add coverage test for ossl_rsa_sp800_56b_derive_pa...
David von Oheimb
noreply at github.com
Wed Feb 8 15:35:26 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: b1ce6a23f8f61cc2f2f48368a97493498c026aa7
https://github.com/openssl/openssl/commit/b1ce6a23f8f61cc2f2f48368a97493498c026aa7
Author: slontis <shane.lontis at oracle.com>
Date: 2023-02-08 (Wed, 08 Feb 2023)
Changed paths:
M test/rsa_sp800_56b_test.c
Log Message:
-----------
Add coverage test for ossl_rsa_sp800_56b_derive_params_from_pq
This test runs the error path for the above function.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Todd Short <todd.short at me.com>
(Merged from https://github.com/openssl/openssl/pull/20200)
Commit: 69b995c6fbc38163d69573803b7aa38ca64b074a
https://github.com/openssl/openssl/commit/69b995c6fbc38163d69573803b7aa38ca64b074a
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: 2023-02-08 (Wed, 08 Feb 2023)
Changed paths:
M crypto/cms/cms_smime.c
Log Message:
-----------
CMS_decrypt_set1_*(): fix NULL deref on unsuitable content type
Fixes #19975
for CMS_decrypt_set1_pkey_and_peer() in the obvious way,
and a related potential crash in CMS_decrypt_set1_password().
The point is that the input might have an unexpected content type,
so a guard is needed at both places after `ec` is obtained.
Note that in CMS_decrypt_set1_pkey_and_peer() there was
no such ec != NULL guard for
```
if (ris != NULL)
debug = ec->debug;
```
maybe because it is implied here by ris != NULL.
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19981)
Compare: https://github.com/openssl/openssl/compare/260878f7aab7...69b995c6fbc3
More information about the openssl-commits
mailing list