Avoid a NULL pointer deref when X509_get_pubkey() returns NULL. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	doug <>	2015-03-15 22:52:17 +0000
committer	doug <>	2015-03-15 22:52:17 +0000
commit	09abc5bf0229b90d3588a393613e09d669ec3581 (patch)
tree	01ebe7687db1cbf2e70dbdb4cc39085a746ed078 /src/lib/libcrypto/crypto
parent	2d03a31822d6ba85150d11917bead7662359a267 (diff)
download	openbsd-09abc5bf0229b90d3588a393613e09d669ec3581.tar.gz openbsd-09abc5bf0229b90d3588a393613e09d669ec3581.tar.bz2 openbsd-09abc5bf0229b90d3588a393613e09d669ec3581.zip

Avoid a NULL pointer deref when X509_get_pubkey() returns NULL.

A NULL pointer could be dereferenced when X509_REQ_set_pubkey() calls X509_PUBKEY_set() with pktmp. OpenSSL says it's the fix for CVE-2015-0288, but there aren't any public details yet to confirm. Either way, we should fix this. Based on OpenSSL commit 28a00bcd8e318da18031b2ac8778c64147cd54f9 and BoringSSL commit 9d102ddbc0f6ed835ed12272a3d8a627d6a8e728. "looks sane" beck@ ok miod@, bcook@

Diffstat (limited to 'src/lib/libcrypto/crypto')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: