Avoid an infinite loop that can occur when verifying a message with anlibressl-v2.2.0

unknown hash function OID. Diff based on OpenSSL. Fixes CVE-2015-1792 (however, this code is not enabled/built in LibreSSL). ok doug@ miod@
author: jsing <> 2015-06-11 16:02:05 +0000
committer: jsing <> 2015-06-11 16:02:05 +0000
commit: 9d6d7f7cdb30dbe38e9e9706b374fd26c1ca588d (patch)
tree: 7603c28d63b0f1516ca5e32674511d24328d495d
parent: 652913e0fc47c01c7ce25e6f73435f2bf88f6a2e (diff)
download: openbsd-9d6d7f7cdb30dbe38e9e9706b374fd26c1ca588d.tar.gz
openbsd-9d6d7f7cdb30dbe38e9e9706b374fd26c1ca588d.tar.bz2
openbsd-9d6d7f7cdb30dbe38e9e9706b374fd26c1ca588d.zip
2 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libcrypto/cms/cms_smime.c b/src/lib/libcrypto/cms/cms_smime.c
index 712f08c32f..030cf74d21 100644
--- a/src/lib/libcrypto/cms/cms_smime.c
+++ b/src/lib/libcrypto/cms/cms_smime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms_smime.c,v 1.12 2014/07/11 12:12:39 miod Exp $ */
+/* $OpenBSD: cms_smime.c,v 1.13 2015/06/11 16:02:05 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -132,7 +132,7 @@ do_free_upto(BIO *f, BIO *upto)
                        tbio = BIO_pop(f);
                        BIO_free(f);
                        f = tbio;
-                } while (f != upto);
+                } while (f != NULL && f != upto);
        } else
                BIO_free_all(f);
 }
diff --git a/src/lib/libssl/src/crypto/cms/cms_smime.c b/src/lib/libssl/src/crypto/cms/cms_smime.c
index 712f08c32f..030cf74d21 100644
--- a/src/lib/libssl/src/crypto/cms/cms_smime.c
+++ b/src/lib/libssl/src/crypto/cms/cms_smime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms_smime.c,v 1.12 2014/07/11 12:12:39 miod Exp $ */
+/* $OpenBSD: cms_smime.c,v 1.13 2015/06/11 16:02:05 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -132,7 +132,7 @@ do_free_upto(BIO *f, BIO *upto)
                        tbio = BIO_pop(f);
                        BIO_free(f);
                        f = tbio;
-                } while (f != upto);
+                } while (f != NULL && f != upto);
        } else
                BIO_free_all(f);
 }
author	jsing <>	2015-06-11 16:02:05 +0000
committer	jsing <>	2015-06-11 16:02:05 +0000
commit	9d6d7f7cdb30dbe38e9e9706b374fd26c1ca588d (patch)
tree	7603c28d63b0f1516ca5e32674511d24328d495d
parent	652913e0fc47c01c7ce25e6f73435f2bf88f6a2e (diff)
download	openbsd-9d6d7f7cdb30dbe38e9e9706b374fd26c1ca588d.tar.gz openbsd-9d6d7f7cdb30dbe38e9e9706b374fd26c1ca588d.tar.bz2 openbsd-9d6d7f7cdb30dbe38e9e9706b374fd26c1ca588d.zip

diff --git a/src/lib/libcrypto/cms/cms_smime.c b/src/lib/libcrypto/cms/cms_smime.c index 712f08c32f..030cf74d21 100644 --- a/src/lib/libcrypto/cms/cms_smime.c +++ b/src/lib/libcrypto/cms/cms_smime.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: cms_smime.c,v 1.12 2014/07/11 12:12:39 miod Exp $ */	1	/* $OpenBSD: cms_smime.c,v 1.13 2015/06/11 16:02:05 jsing Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project.	3	* project.
4	*/	4	*/
@@ -132,7 +132,7 @@ do_free_upto(BIO f, BIO upto)
132	tbio = BIO_pop(f);	132	tbio = BIO_pop(f);
133	BIO_free(f);	133	BIO_free(f);
134	f = tbio;	134	f = tbio;
135	} while (f != upto);	135	} while (f != NULL && f != upto);
136	} else	136	} else
137	BIO_free_all(f);	137	BIO_free_all(f);
138	}	138	}


diff --git a/src/lib/libssl/src/crypto/cms/cms_smime.c b/src/lib/libssl/src/crypto/cms/cms_smime.c index 712f08c32f..030cf74d21 100644 --- a/src/lib/libssl/src/crypto/cms/cms_smime.c +++ b/src/lib/libssl/src/crypto/cms/cms_smime.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: cms_smime.c,v 1.12 2014/07/11 12:12:39 miod Exp $ */	1	/* $OpenBSD: cms_smime.c,v 1.13 2015/06/11 16:02:05 jsing Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project.	3	* project.
4	*/	4	*/
@@ -132,7 +132,7 @@ do_free_upto(BIO f, BIO upto)
132	tbio = BIO_pop(f);	132	tbio = BIO_pop(f);
133	BIO_free(f);	133	BIO_free(f);
134	f = tbio;	134	f = tbio;
135	} while (f != upto);	135	} while (f != NULL && f != upto);
136	} else	136	} else
137	BIO_free_all(f);	137	BIO_free_all(f);
138	}	138	}