Avoid a NULL pointer deref when X509_get_pubkey() returns NULL. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	doug <>	2015-03-15 22:52:17 +0000
committer	doug <>	2015-03-15 22:52:17 +0000
commit	4fb860a66d9312261140bce7cdc5fbdef4e6e43a (patch)
tree	01ebe7687db1cbf2e70dbdb4cc39085a746ed078 /src/lib/libssl/d1_lib.c
parent	3548b78188a9f7244d3eae3cbafe1645fa6746d8 (diff)
download	openbsd-4fb860a66d9312261140bce7cdc5fbdef4e6e43a.tar.gz openbsd-4fb860a66d9312261140bce7cdc5fbdef4e6e43a.tar.bz2 openbsd-4fb860a66d9312261140bce7cdc5fbdef4e6e43a.zip

Avoid a NULL pointer deref when X509_get_pubkey() returns NULL.

A NULL pointer could be dereferenced when X509_REQ_set_pubkey() calls X509_PUBKEY_set() with pktmp. OpenSSL says it's the fix for CVE-2015-0288, but there aren't any public details yet to confirm. Either way, we should fix this. Based on OpenSSL commit 28a00bcd8e318da18031b2ac8778c64147cd54f9 and BoringSSL commit 9d102ddbc0f6ed835ed12272a3d8a627d6a8e728. "looks sane" beck@ ok miod@, bcook@

Diffstat (limited to 'src/lib/libssl/d1_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: