delta/openssl-new.git - github.com: openssl/openssl.git

diff options

author	Tomas Mraz <tomas@openssl.org>	2023-01-18 09:27:53 +0100
committer	Tomas Mraz <tomas@openssl.org>	2023-02-07 17:05:10 +0100
commit	6eebe6c0238178356114a96a7858f36b24172847 (patch)
tree	3f5c4c13b58cac8d867aafe7ce3d2b4f6344b62f /test/recipes
parent	7880536fe17c2b5450e279155bedd51771d28c9f (diff)
download	openssl-new-6eebe6c0238178356114a96a7858f36b24172847.tar.gz

pk7_doit.c: Check return of BIO_set_md() calls

These calls invoke EVP_DigestInit() which can fail for digests with implicit fetches. Subsequent EVP_DigestUpdate() from BIO_write() or EVP_DigestFinal() from BIO_read() will segfault on NULL dereference. This can be triggered by an attacker providing PKCS7 data digested with MD4 for example if the legacy provider is not loaded. If BIO_set_md() fails the md BIO cannot be used. CVE-2023-0401 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>

Diffstat (limited to 'test/recipes')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: