]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ced5231)
Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c
authorShane Lontis <shane.lontis@oracle.com>
Mon, 21 Sep 2020 01:42:41 +0000 (11:42 +1000)
committerShane Lontis <shane.lontis@oracle.com>
Wed, 23 Sep 2020 07:16:39 +0000 (17:16 +1000)
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12930)

crypto/cms/cms_sd.c patch | blob | blame | history

diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 4b6822f4fd295d7d042d377d5348e96ab00a11b9..121390a8d50fb2872daecf6673e8c18e111f95b8 100644 (file)
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -854,7 +854,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
 
     alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &abuf,
                          ASN1_ITEM_rptr(CMS_Attributes_Verify));
-    if (!abuf)
+    if (abuf == NULL || alen < 0)
         goto err;
     r = EVP_DigestVerifyUpdate(mctx, abuf, alen);
     OPENSSL_free(abuf);
Mirror of https://github.com/openssl/openssl.git