summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto
diff options
context:
space:
mode:
authortb <>2026-01-27 14:03:01 +0000
committertb <>2026-01-27 14:03:01 +0000
commit81617536ce695a5b2c65926fbe0b3b14466d95b6 (patch)
treee05cf5f68225e4754b2cf6c5714ef135c53ee909 /src/lib/libcrypto
parentefd505d49400b554c0256059d2e26357d2be6066 (diff)
downloadopenbsd-81617536ce695a5b2c65926fbe0b3b14466d95b6.tar.gz
openbsd-81617536ce695a5b2c65926fbe0b3b14466d95b6.tar.bz2
openbsd-81617536ce695a5b2c65926fbe0b3b14466d95b6.zip
Add NULL pointer check to PKCS12_item_decrypt_d2i()
Avoids a NULL pointer dereference triggerable by a malformed PCKS#12 file. From Luigino Camastra via OpenSSL (CVE-2025-69421) ok jsing
Diffstat (limited to 'src/lib/libcrypto')
-rw-r--r--src/lib/libcrypto/pkcs12/p12_decr.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c
index 8466e92415..3090781eba 100644
--- a/src/lib/libcrypto/pkcs12/p12_decr.c
+++ b/src/lib/libcrypto/pkcs12/p12_decr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p12_decr.c,v 1.27 2025/05/10 05:54:38 tb Exp $ */ 1/* $OpenBSD: p12_decr.c,v 1.28 2026/01/27 14:03:01 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -130,6 +130,11 @@ PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
130 void *ret; 130 void *ret;
131 int outlen; 131 int outlen;
132 132
133 if (oct == NULL) {
134 PKCS12error(ERR_R_PASSED_NULL_PARAMETER);
135 return NULL;
136 }
137
133 if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length, 138 if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
134 &out, &outlen, 0)) { 139 &out, &outlen, 0)) {
135 PKCS12error(PKCS12_R_PKCS12_PBE_CRYPT_ERROR); 140 PKCS12error(PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-02-08 20:28:01 +0000