From e5955381f2756ed7dfa9d95684f7bce72885cbd0 Mon Sep 17 00:00:00 2001
From: miod <>
Date: Sun, 19 Jul 2015 18:25:59 +0000
Subject: Verify ASN1 objects types before attempting to access them as a
 particular type. ok guenther@ doug@

---
 src/lib/libcrypto/ts/ts_rsp_verify.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/lib/libcrypto/ts')

diff --git a/src/lib/libcrypto/ts/ts_rsp_verify.c b/src/lib/libcrypto/ts/ts_rsp_verify.c
index 797877011c..204c6a9df8 100644
--- a/src/lib/libcrypto/ts/ts_rsp_verify.c
+++ b/src/lib/libcrypto/ts/ts_rsp_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_rsp_verify.c,v 1.15 2015/07/19 05:42:55 miod Exp $ */
+/* $OpenBSD: ts_rsp_verify.c,v 1.16 2015/07/19 18:25:59 miod Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2002.
  */
@@ -312,6 +312,8 @@ ESS_get_signing_cert(PKCS7_SIGNER_INFO *si)
 	    NID_id_smime_aa_signingCertificate);
 	if (!attr)
 		return NULL;
+	if (attr->type != V_ASN1_SEQUENCE)
+		return NULL;
 	p = attr->value.sequence->data;
 	return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
 }
-- 
cgit v1.2.3-55-g6feb