From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Wed, 7 Oct 2020 10:23:01 +0000 (+0300)
Subject: Fix zero-length content verification in S/MIME format
X-Git-Tag: openssl-3.0.0-alpha7~45
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=13c5ec569ea9286ff18e019fb2d53be64829c62c;p=thirdparty%2Fopenssl.git

Fix zero-length content verification in S/MIME format

Fixes #13082

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13087)
---

diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index f9a851950fa..c8bec75cdd2 100644
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -401,7 +401,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
         long len;
 
         len = BIO_get_mem_data(dcont, &ptr);
-        tmpin = BIO_new_mem_buf(ptr, len);
+        tmpin = (len == 0) ? dcont : BIO_new_mem_buf(ptr, len);
         if (tmpin == NULL) {
             CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
             goto err2;
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index 5cbc18c63eb..e9ae4f3394c 100644
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -311,7 +311,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
         char *ptr;
         long len;
         len = BIO_get_mem_data(indata, &ptr);
-        tmpin = BIO_new_mem_buf(ptr, len);
+        tmpin = (len == 0) ? indata : BIO_new_mem_buf(ptr, len);
         if (tmpin == NULL) {
             PKCS7err(0, ERR_R_MALLOC_FAILURE);
             goto err;