| author | tb <> | 2025-07-31 02:02:35 +0000 | 
|---|---|---|
| committer | tb <> | 2025-07-31 02:02:35 +0000 | 
| commit | 5c9cc2d0035cb59dfcacb47001ca9b8392b3732b (patch) | |
| tree | febd0c4807ef70a818cceffdfb2a38fcacce470d /src/lib/libcrypto/ecdh/ecdh.c | |
| parent | ec8cce1dd4e99a67543a272dfa89573835b3d118 (diff) | |
Plug leaks due to misuse of PKCS7_add_signed_attribute()

set0/add0 functions that can fail are the worst. Without fail this trips
up both users and authors (by and large these are two identical groups
consisting of a single person), resulting in leaks and double frees.

In today's episode of spelunking in the gruesome gore provided by the
PKCS#7 and Time-Stamp protocol "implementations", we fix a couple of
leaks in PKCS7_add_attrib_smimecap() and ESS_add_signing_cert().

We do so by recalling that there is i2d_X509_ALGORS(), so we might
as well put it to use instead of inlining it poorly (aka, without
error checking). Normalize said error checking and ensure ownership
is handled correctly in the usual single-exit idiom.

ESS_add_signing_cert() can also make use of proper i2d handling, so
it's simpler and correct and in the end looks pretty much the same
as PKCS7_add_attrib_smimecap().

ok kenjiro
Diffstat (limited to 'src/lib/libcrypto/ecdh/ecdh.c')
0 files changed, 0 insertions, 0 deletions
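
The ownership rule the commit message describes, shown as an added self-contained C model. It is not the OpenBSD diff and does not use libcrypto's API: `signer_add0_attr()` is a hypothetical add0-style function that takes ownership only on success, and `struct attr`, `struct signer`, `add_caps_leaky()`, `add_caps()` and `leaked_after()` are likewise invented here, with an allocation counter to make the leak observable.

```c
/* Added model, not libcrypto code: every name below is a hypothetical stand-in. */
#include <stdlib.h>
#include <string.h>

struct attr { unsigned char *der; size_t len; };
struct signer { struct attr *attrs[4]; int n; };
static int live, fail_add;	/* outstanding allocations; knob forcing add0 to fail */

static void *xalloc(size_t n) { void *p = malloc(n); if (p != NULL) live++; return p; }
static void xfree(void *p) { if (p != NULL) { live--; free(p); } }
static void attr_free(struct attr *a) { if (a != NULL) { xfree(a->der); xfree(a); } }

/* add0 semantics: the signer owns a only if this returns 1. */
static int signer_add0_attr(struct signer *s, struct attr *a) {
	if (fail_add || s->n >= 4) return 0;
	s->attrs[s->n++] = a;
	return 1;
}

/* Leaky shape: when add0 fails, nobody frees a or its buffer. */
static int add_caps_leaky(struct signer *s, const char *caps) {
	struct attr *a = xalloc(sizeof(*a));
	if (a == NULL) return 0;
	a->len = strlen(caps);
	if ((a->der = xalloc(a->len + 1)) == NULL) { xfree(a); return 0; }
	memcpy(a->der, caps, a->len);
	return signer_add0_attr(s, a);
}

/* Single-exit shape: a pointer is set to NULL once its ownership moves on. */
static int add_caps(struct signer *s, const char *caps) {
	struct attr *a = NULL;
	unsigned char *der = NULL;
	size_t len = strlen(caps);
	int ret = 0;
	if ((der = xalloc(len + 1)) == NULL) goto err;
	memcpy(der, caps, len);
	if ((a = xalloc(sizeof(*a))) == NULL) goto err;
	a->der = der; a->len = len;
	der = NULL;			/* a owns the buffer now */
	if (!signer_add0_attr(s, a)) goto err;
	a = NULL;			/* the signer owns a now */
	ret = 1;
 err:
	attr_free(a); xfree(der);	/* both are no-ops on NULL */
	return ret;
}

/* Run fn once with add0 succeeding or failing; return allocations left over. */
static int leaked_after(int (*fn)(struct signer *, const char *), int fail) {
	struct signer s = { { NULL }, 0 };
	live = 0; fail_add = fail;
	fn(&s, "constructed-capability-bytes");
	while (s.n > 0) attr_free(s.attrs[--s.n]);
	return live;
}
```

`leaked_after(add_caps_leaky, 1)` reports two stranded allocations, while `add_caps` reports none whether the add0 call succeeds or fails.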
