[openssl/openssl] d521c9: Fix NULL pointer deref when parsing the stable sec...
Neil Horman
noreply at github.com
Fri Jan 12 09:39:59 UTC 2024
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: d521c94e7b440f043bcdfdf7575c6bf8a362ded0
https://github.com/openssl/openssl/commit/d521c94e7b440f043bcdfdf7575c6bf8a362ded0
Author: Neil Horman <nhorman at openssl.org>
Date: 2024-01-12 (Fri, 12 Jan 2024)
Changed paths:
M crypto/asn1/asn_mstbl.c
A test/asn1_stable_parse_test.c
M test/build.info
A test/recipes/04-test_asn1_stable_parse.t
A test/recipes/04-test_asn1_stable_parse_data/asn1_stable_parse.cnf
Log Message:
-----------
Fix NULL pointer deref when parsing the stable section
When parsing the stable section of a config such as this:
openssl_conf = openssl_init
[openssl_init]
stbl_section = mstbl
[mstbl]
id-tc26 = min
Can lead to a SIGSEGV, as the parsing code doesnt recognize min as a
proper section name without a trailing colon to associate it with a
value. As a result the stack of configuration values has an entry with
a null value in it, which leads to the SIGSEGV in do_tcreate when we
attempt to pass NULL to strtoul.
Fix it by skipping any entry in the config name/value list that has a
null value, prior to passing it to stroul
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22988)
(cherry picked from commit 0981c20f8efa68bf9d68d7715280f83812c19a7e)
More information about the openssl-commits
mailing list