Revision - aa5ab40 - Fix infinite loop in CMS – ENEA Mirror of the Software Heritage archive

Revision aa5ab40860deb3dc6d4d4c98a4efea99f7040a46 authored by Dr. Stephen Henson on 05 June 2015, 11:11:25 UTC, committed by Matt Caswell on 11 June 2015, 13:52:39 UTC

Fix infinite loop in CMS

Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting
to verify and a digest is not recognised. Reported by Johannes Bauer.

CVE-2015-1792

Reviewed-by: Matt Caswell <matt@openssl.org>

1 parent 8aa556e

Files
Changes

Permalinks

File	Mode	Size
cacert.pem	-rw-r--r--	1.0 KB
cakey.pem	-rw-r--r--	891 bytes
cms_comp.c	-rw-r--r--	1.1 KB
cms_ddec.c	-rw-r--r--	1.7 KB
cms_dec.c	-rw-r--r--	1.4 KB
cms_denc.c	-rw-r--r--	2.0 KB
cms_enc.c	-rw-r--r--	1.8 KB
cms_sign.c	-rw-r--r--	1.7 KB
cms_sign2.c	-rw-r--r--	1.9 KB
cms_uncomp.c	-rw-r--r--	956 bytes
cms_ver.c	-rw-r--r--	1.5 KB
comp.txt	-rw-r--r--	566 bytes
encr.txt	-rw-r--r--	65 bytes
sign.txt	-rw-r--r--	58 bytes
signer.pem	-rw-r--r--	1.8 KB
signer2.pem	-rw-r--r--	1.8 KB

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...