[openssl/openssl] a4cbff: Add NULL check before accessing PKCS7 encrypted al...
Viliam Lejčík
noreply at github.com
Mon Mar 25 17:28:38 UTC 2024
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: a4cbffcd8998180b98bb9f7ce6065ed37d079d8b
https://github.com/openssl/openssl/commit/a4cbffcd8998180b98bb9f7ce6065ed37d079d8b
Author: Viliam Lejčík <lejcik at gmail.com>
Date: 2024-03-25 (Mon, 25 Mar 2024)
Changed paths:
M apps/pkcs12.c
M test/recipes/80-test_pkcs12.t
Log Message:
-----------
Add NULL check before accessing PKCS7 encrypted algorithm
Printing content of an invalid test certificate causes application crash, because of NULL dereference:
user at user:~/openssl$ openssl pkcs12 -in test/recipes/80-test_pkcs12_data/bad2.p12 -passin pass: -info
MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: Segmentation fault (core dumped)
Added test cases for pkcs12 bad certificates
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23632)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list