diff options
author | Darshan Sen <raisinten@gmail.com> | 2022-01-14 16:22:41 +0530 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-01-26 17:22:08 +0100 |
commit | 481709cd4d9ad5b77f1550fd23b169934ff8e2b6 (patch) | |
tree | ba79b3c23c0e06d4c718b19d49d618a8aa46cdc1 /CHANGES.md | |
parent | 27ee6e252d04b587e98228c81ecc3e62a34bae26 (diff) | |
download | openssl-new-481709cd4d9ad5b77f1550fd23b169934ff8e2b6.tar.gz |
Fix invalid malloc failures in PEM_write_bio_PKCS8PrivateKey()
When `PEM_write_bio_PKCS8PrivateKey()` was passed an empty passphrase
string, `OPENSSL_memdup()` was incorrectly getting used for 0 bytes size
allocation, which resulted in malloc failures.
Fixes: https://github.com/openssl/openssl/issues/17506
Signed-off-by: Darshan Sen <raisinten@gmail.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17507)
(cherry picked from commit 59ccb72cd5cec3b4e312853621e12a68dacdbc7e)
Diffstat (limited to 'CHANGES.md')
-rw-r--r-- | CHANGES.md | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/CHANGES.md b/CHANGES.md index a0ef0cdcfa..50002e0af6 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -30,7 +30,10 @@ breaking changes, and mappings for the large list of deprecated functions. ### Changes between 3.0.1 and 3.0.2 [xx XXX xxxx] - * none yet + * Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to use empty + passphrase strings. + + *Darshan Sen* ### Changes between 3.0.0 and 3.0.1 [14 Dec 2021] |