Revision - aa5ab40 - Fix infinite loop in CMS – ENEA Mirror of the Software Heritage archive

Revision aa5ab40860deb3dc6d4d4c98a4efea99f7040a46 authored by Dr. Stephen Henson on 05 June 2015, 11:11:25 UTC, committed by Matt Caswell on 11 June 2015, 13:52:39 UTC

Fix infinite loop in CMS

Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting
to verify and a digest is not recognised. Reported by Johannes Bauer.

CVE-2015-1792

Reviewed-by: Matt Caswell <matt@openssl.org>

1 parent 8aa556e

Files
Changes

Permalinks

openssl_button.html


<!-- the `Includes OpenSSL Cryptogaphy Software' button      -->
<!-- freely usable by any application linked against OpenSSL -->
<a   href="http://www.openssl.org/">
<img src="openssl_button.gif" 
     width=102 height=47 border=0></a>

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...