[openssl/openssl] a693d6: Validate config options during x509 extension crea...

Neil Horman noreply at github.com
Fri Jan 5 19:24:49 UTC 2024


  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: a693d69cd8b4b88a81f3e8174dcf90bbed4cbb53
      https://github.com/openssl/openssl/commit/a693d69cd8b4b88a81f3e8174dcf90bbed4cbb53
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2024-01-05 (Fri, 05 Jan 2024)

  Changed paths:
    M crypto/x509/v3_addr.c
    M crypto/x509/v3_asid.c
    M crypto/x509/v3_crld.c
    M crypto/x509/v3_ist.c
    A test/invalid-x509.cnf
    M test/recipes/25-test_x509.t

  Log Message:
  -----------
  Validate config options during x509 extension creation

There are several points during x509 extension creation which rely on
configuration options which may have been incorrectly parsed due to
invalid settings.  Preform a value check for null in those locations to
avoid various crashes/undefined behaviors

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23183)

(cherry picked from commit bac7e687d71b124b09ad6ad3e15be9b38c08a1ba)




More information about the openssl-commits mailing list