Skip to main content
Revision aa5ab40860deb3dc6d4d4c98a4efea99f7040a46 authored by Dr. Stephen Henson on 05 June 2015, 11:11:25 UTC, committed by Matt Caswell on 11 June 2015, 13:52:39 UTC
Fix infinite loop in CMS
Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting
to verify and a digest is not recognised. Reported by Johannes Bauer.

CVE-2015-1792

Reviewed-by: Matt Caswell <matt@openssl.org>
1 parent 8aa556e
Raw File
dummytest.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <openssl/e_os2.h>
#include <openssl/buffer.h>
#include <openssl/crypto.h>

int main(int argc, char *argv[])
{
    char *p, *q = 0, *program;

    p = strrchr(argv[0], '/');
    if (!p)
        p = strrchr(argv[0], '\\');
#ifdef OPENSSL_SYS_VMS
    if (!p)
        p = strrchr(argv[0], ']');
    if (p)
        q = strrchr(p, '>');
    if (q)
        p = q;
    if (!p)
        p = strrchr(argv[0], ':');
    q = 0;
#endif
    if (p)
        p++;
    if (!p)
        p = argv[0];
    if (p)
        q = strchr(p, '.');
    if (p && !q)
        q = p + strlen(p);

    if (!p)
        program = BUF_strdup("(unknown)");
    else {
        program = OPENSSL_malloc((q - p) + 1);
        strncpy(program, p, q - p);
        program[q - p] = '\0';
    }

    for (p = program; *p; p++)
        if (islower((unsigned char)(*p)))
            *p = toupper((unsigned char)(*p));

    q = strstr(program, "TEST");
    if (q > p && q[-1] == '_')
        q--;
    *q = '\0';

    printf("No %s support\n", program);

    OPENSSL_free(program);
    return (0);
}
back to top