diff options
| author | jsing <> | 2015-06-11 16:02:05 +0000 |
|---|---|---|
| committer | jsing <> | 2015-06-11 16:02:05 +0000 |
| commit | c3d234c2ed36636bcd9ceba3bdef8b59929b6c81 (patch) | |
| tree | 7603c28d63b0f1516ca5e32674511d24328d495d /src | |
| parent | c9348abcdc881fc5e502b4a2f135e434081a5448 (diff) | |
| download | openbsd-c3d234c2ed36636bcd9ceba3bdef8b59929b6c81.tar.gz openbsd-c3d234c2ed36636bcd9ceba3bdef8b59929b6c81.tar.bz2 openbsd-c3d234c2ed36636bcd9ceba3bdef8b59929b6c81.zip | |
Avoid an infinite loop that can occur when verifying a message with anlibressl-v2.2.0
unknown hash function OID.
Diff based on OpenSSL.
Fixes CVE-2015-1792 (however, this code is not enabled/built in LibreSSL).
ok doug@ miod@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/cms/cms_smime.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/cms/cms_smime.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libcrypto/cms/cms_smime.c b/src/lib/libcrypto/cms/cms_smime.c index 712f08c32f..030cf74d21 100644 --- a/src/lib/libcrypto/cms/cms_smime.c +++ b/src/lib/libcrypto/cms/cms_smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cms_smime.c,v 1.12 2014/07/11 12:12:39 miod Exp $ */ | 1 | /* $OpenBSD: cms_smime.c,v 1.13 2015/06/11 16:02:05 jsing Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -132,7 +132,7 @@ do_free_upto(BIO *f, BIO *upto) | |||
| 132 | tbio = BIO_pop(f); | 132 | tbio = BIO_pop(f); |
| 133 | BIO_free(f); | 133 | BIO_free(f); |
| 134 | f = tbio; | 134 | f = tbio; |
| 135 | } while (f != upto); | 135 | } while (f != NULL && f != upto); |
| 136 | } else | 136 | } else |
| 137 | BIO_free_all(f); | 137 | BIO_free_all(f); |
| 138 | } | 138 | } |
diff --git a/src/lib/libssl/src/crypto/cms/cms_smime.c b/src/lib/libssl/src/crypto/cms/cms_smime.c index 712f08c32f..030cf74d21 100644 --- a/src/lib/libssl/src/crypto/cms/cms_smime.c +++ b/src/lib/libssl/src/crypto/cms/cms_smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cms_smime.c,v 1.12 2014/07/11 12:12:39 miod Exp $ */ | 1 | /* $OpenBSD: cms_smime.c,v 1.13 2015/06/11 16:02:05 jsing Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -132,7 +132,7 @@ do_free_upto(BIO *f, BIO *upto) | |||
| 132 | tbio = BIO_pop(f); | 132 | tbio = BIO_pop(f); |
| 133 | BIO_free(f); | 133 | BIO_free(f); |
| 134 | f = tbio; | 134 | f = tbio; |
| 135 | } while (f != upto); | 135 | } while (f != NULL && f != upto); |
| 136 | } else | 136 | } else |
| 137 | BIO_free_all(f); | 137 | BIO_free_all(f); |
| 138 | } | 138 | } |