[openssl/openssl] 95dfb4: Add NULL check before accessing PKCS7 encrypted al...
Viliam Lejčík
noreply at github.com
Mon Mar 25 17:30:39 UTC 2024
Branch: refs/heads/openssl-3.0
Home: https://github.com/openssl/openssl
Commit: 95dfb4244a8b6f23768714619f4f4640d51dc3ff
https://github.com/openssl/openssl/commit/95dfb4244a8b6f23768714619f4f4640d51dc3ff
Author: Viliam Lejčík <lejcik at gmail.com>
Date: 2024-03-25 (Mon, 25 Mar 2024)
Changed paths:
M apps/pkcs12.c
M test/recipes/80-test_pkcs12.t
Log Message:
-----------
Add NULL check before accessing PKCS7 encrypted algorithm
Printing content of an invalid test certificate causes application crash, because of NULL dereference:
user at user:~/openssl$ openssl pkcs12 -in test/recipes/80-test_pkcs12_data/bad2.p12 -passin pass: -info
MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: Segmentation fault (core dumped)
Added test cases for pkcs12 bad certificates
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23632)
(cherry picked from commit a4cbffcd8998180b98bb9f7ce6065ed37d079d8b)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list