[openssl-dev] [openssl.org #4579] Bug - libcrypto.a null pointer dereference bug
Onur TAŞLIOĞLU via RT
rt at openssl.org
Mon Jun 20 18:44:17 UTC 2016
I have a simple code;
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <stdio.h>
int verify_cert(const char* pem_c_str)
{
BIO *bio_mem = BIO_new(BIO_s_mem());
BIO_puts(bio_mem, pem_c_str);
X509 * x509 = PEM_read_bio_X509(bio_mem, NULL, NULL, NULL);
EVP_PKEY *pkey=X509_get_pubkey(x509);
int r= X509_verify(x509, pkey);
EVP_PKEY_free(pkey);
BIO_free(bio_mem);
X509_free(x509);
return r;
}
int main(int argc, char **argv)
{
OpenSSL_add_all_algorithms();
FILE* fd = NULL;
char publicKey[4000];
memset(publicKey,'\0',sizeof(publicKey));
fd = fopen(argv[1],"rw+");
fread(publicKey,1,4000,fd);
fseek(fd,1,SEEK_CUR);
fclose(fd);
verify_cert(publicKey);
EVP_cleanup();
}
and i have a simple public key:
-----BEGINCERTIFICATE-----
MIIDIjCCAgoCCQCE8H4/ymXyrzANBgkqhkiG9w0BAQUFADBTMQswCQYDVQQGEwJV
UzENMAsGA1UECAwEVXRhaDENMAsGA1UEBwwET3JlbTEQMA4GA1UECgwHT3JnTmFt
ZTEUMBIGA1UEAwwLZXhhbXBsZS5jb20wHhcNMTMwNDEwMjIxMjE5WhcNMTQwNDEw
MjIxMjE5WjBTMQswCQYDVQQGEwJVUzENMAsGA1UECAwEVXRhaDENMAsGA1UEBwwE
T3JlbTEQMA4GA1UECgwHT3JnTmFtZTEUMBIGA1UEAwwLZXhhbXBsZS5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuzA1sONmXPc6aMt+cZExA37OZ
kpVlfMCQUy8tTvqSs81F0DeTUGqq8ACdXT9iMlvENQ04xrtTEHPJcY93cAsaLowX
6pB1y1F+8Jj+rrOwmKjBM9EI0/M9TCS94IGqTcPwgQt1d+XOZ+EdL63SkTQtNFHH
hGs+g9Q+zeSM0uD7WgVxJPWezjnzQUis4j9ICXwMpuAMcmTqmxSqTzOQZAINJ9Hv
sazPMVKs+JPEZvCfP0r61d1C8WLE7QF4nmdmWUTaBO+92piqQSeF7rK3bWmCxJNX
8BFQd6h8g4XviMrybSwzf3JgM2Wxw27Vo9EADZ5Om8EjNPvB2UIbAokCOBN7AgMB
AAEwDQYJKoZIhvcNAQEFBQADggEBAHhm2J8+Dg91S1b/i9LEpn41QSMpyyonzxqo
o45CzJAuV5qN6x7FMBXB+1e+Na4Qn5K/8fJ8Z2M6jIO2MD+gB+ftVY830aN8cm+i
/Cu/iUgB9kaSDLBUZvwu2uSEyDFwdxgmF5jK2BECNTP5A99WtL3w0dE60w5Bq23L
Ivzd7XZF1orR9gJYOGHNK2s3S1vJQLBRvfRi78wfl25jyaZ2JWKGguFpQq1zJkrY
PeCGvx+54fTOTi1PZcL4+xYfA//dvB1DnlHwpNSKnWkcNI5VK6IpDfBlh4ZjB3I3
h6v6zOyvgOcvTXBHmzPsfMym1AmFNTv9/bRlwrKUlGGPaRwSEKU=
-----END CERTIFICATE-----
my program have a one input. When i give input a public key. Program
crashed.
2016-06-20 21:39 GMT+03:00 Salz, Rich via RT <rt at openssl.org>:
> Need more information, like a full backtrace and how to reproduce it.
>
> --
> Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4579
> Please log in as guest with password guest if prompted
>
>
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4579
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list