From 4ab9607bafc39e3112c831efcc8db6382fb735ba Mon Sep 17 00:00:00 2001 From: tb <> Date: Wed, 23 Mar 2022 15:16:59 +0000 Subject: openssl cms: avoid NULL derefs on option parsing Two missing initializations in the new option handling cause a segfault when -nodetach or -noindef is passed to openssl cms. ok inoguchi jsing miod --- src/usr.bin/openssl/cms.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/usr.bin/openssl/cms.c b/src/usr.bin/openssl/cms.c index 5b876941fb..a3004e8af3 100644 --- a/src/usr.bin/openssl/cms.c +++ b/src/usr.bin/openssl/cms.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cms.c,v 1.29 2022/01/16 07:11:49 inoguchi Exp $ */ +/* $OpenBSD: cms.c,v 1.30 2022/03/23 15:16:59 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -769,12 +769,14 @@ static const struct option cms_options[] = { .name = "nodetach", .desc = "Use opaque signing", .type = OPTION_VALUE_AND, + .opt.value = &cms_config.flags, .value = ~CMS_DETACHED, }, { .name = "noindef", .desc = "Disable CMS streaming", .type = OPTION_VALUE_AND, + .opt.value = &cms_config.flags, .value = ~CMS_STREAM, }, { -- cgit v1.2.3-55-g6feb