diff options
| author | tb <> | 2025-07-31 02:02:35 +0000 |
|---|---|---|
| committer | tb <> | 2025-07-31 02:02:35 +0000 |
| commit | 46d63bc2ba510e4fc96e384acec4676227bf7f50 (patch) | |
| tree | febd0c4807ef70a818cceffdfb2a38fcacce470d /src/lib/libc | |
| parent | aa7438bc918c1337f5cb9e3bbcb6c61710c672f9 (diff) | |
| download | openbsd-46d63bc2ba510e4fc96e384acec4676227bf7f50.tar.gz openbsd-46d63bc2ba510e4fc96e384acec4676227bf7f50.tar.bz2 openbsd-46d63bc2ba510e4fc96e384acec4676227bf7f50.zip | |
Plug leaks due to misuse of PKCS7_add_signed_attribute()
set0/add0 functions that can fail are the worst. Without fail this trips
up both users and authors (by and large these are two identical groups
consisting of a single person), resulting in leaks and double frees.
In today's episode of spelunking in the gruesome gore provided by the
PKCS#7 and Time-Stamp protocol "implementations", we fix a couple of
leaks in PKCS7_add_attrib_smimecap() and ESS_add_signing_cert().
We do so by recalling that there is i2d_X509_ALGORS(), so we might
as well put it to use instead of inlining it poorly (aka, without
error checking). Normalize said error checking and ensure ownership
is handled correctly in the usual single-exit idiom.
ESS_add_signing_cert() can also make use of proper i2d handling, so
it's simpler and correct and in the end looks pretty much the same
as PKCS7_add_attrib_smimecap().
ok kenjiro
Diffstat (limited to 'src/lib/libc')
0 files changed, 0 insertions, 0 deletions