Stop PKCS7_verify() core dumping with unknown public
key algorithms and leaking if the signature verify fails.
This commit is contained in:
Dr. Stephen Henson
parent
6676457bba
commit
75090e0365
3 changed files with 15 additions and 8 deletions
5
CHANGES
5
CHANGES
|
|
@ -4,6 +4,11 @@
|
|||
|
||||
Changes between 0.9.6 and 0.9.6a [xx XXX 2001]
|
||||
|
||||
*) Avoid coredump with unsupported or invalid public keys by checking if
|
||||
X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
|
||||
PKCS7_verify() fails with non detached data.
|
||||
[Steve Henson]
|
||||
|
||||
*) Don't use getenv in library functions when run as setuid/setgid.
|
||||
New function OPENSSL_issetugid().
|
||||
[Ulf Moeller]
|
||||
|
|
|
|||
|
|
@ -783,6 +783,11 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
|
|||
|
||||
os=si->enc_digest;
|
||||
pkey = X509_get_pubkey(x509);
|
||||
if (!pkey)
|
||||
{
|
||||
ret = -1;
|
||||
goto err;
|
||||
}
|
||||
if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
|
||||
|
||||
i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
|
||||
|
|
|
|||
|
|
@ -153,7 +153,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
|||
PKCS7_SIGNER_INFO *si;
|
||||
X509_STORE_CTX cert_ctx;
|
||||
char buf[4096];
|
||||
int i, j=0, k;
|
||||
int i, j=0, k, ret = 0;
|
||||
BIO *p7bio;
|
||||
BIO *tmpout;
|
||||
|
||||
|
|
@ -258,18 +258,15 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
|||
}
|
||||
}
|
||||
|
||||
sk_X509_free(signers);
|
||||
if(indata) BIO_pop(p7bio);
|
||||
BIO_free_all(p7bio);
|
||||
|
||||
return 1;
|
||||
ret = 1;
|
||||
|
||||
err:
|
||||
|
||||
if(indata) BIO_pop(p7bio);
|
||||
BIO_free_all(p7bio);
|
||||
sk_X509_free(signers);
|
||||
BIO_free(p7bio);
|
||||
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
|
||||
|
|
|
|||
Loading…
Reference in a new issue