]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 39bcfb1)
Fix infinite loop in CMS
authorDr. Stephen Henson <steve@openssl.org>
Fri, 5 Jun 2015 11:11:25 +0000 (12:11 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 11 Jun 2015 12:07:42 +0000 (13:07 +0100)
Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting
to verify and a digest is not recognised. Reported by Johannes Bauer.

CVE-2015-1792

Reviewed-by: Matt Caswell <matt@openssl.org>
crypto/cms/cms_smime.c patch | blob | blame | history

diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index ecb05c437e0c11d8d490c357c6da56b939559311..9717789e3c753deccee99ba9f75adf080cde9bea 100644 (file)
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -131,7 +131,7 @@ static void do_free_upto(BIO *f, BIO *upto)
             BIO_free(f);
             f = tbio;
         }
-        while (f != upto);
+        while (f && f != upto);
     } else
         BIO_free_all(f);
 }
A mirror of the official openssl repository