From: Eric Sesterhenn <eric.sesterhenn@x41-dsec.de>
Date: Sun, 8 Oct 2017 18:02:32 +0000 (+0200)
Subject: pkcs7: Prevent NULL pointer dereference, since sinfo is not always set.
X-Git-Tag: v4.4.95~10
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6f0dee7d9c9b815c45b96cad2ab2958b4afe5840;p=thirdparty%2Fkernel%2Fstable.git

pkcs7: Prevent NULL pointer dereference, since sinfo is not always set.

commit 68a1fdbbf8bd3378325e45c19e167a165f9ffc3a upstream.

The ASN.1 parser does not necessarily set the sinfo field,
this patch prevents a NULL pointer dereference on broken
input.

Fixes: 99db44350672 ("PKCS#7: Appropriately restrict authenticated attributes and content type")
Signed-off-by: Eric Sesterhenn <eric.sesterhenn@x41-dsec.de>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index 8f3056cd03991..2516e97c58f1b 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -90,6 +90,9 @@ static int pkcs7_check_authattrs(struct pkcs7_message *msg)
 	bool want;
 
 	sinfo = msg->signed_infos;
+	if (!sinfo)
+		goto inconsistent;
+
 	if (sinfo->authattrs) {
 		want = true;
 		msg->have_authattrs = true;