PKCS#7: avoid NULL pointer dereferences with missing content
authorEmilia Kasper <emilia@openssl.org>
Fri, 27 Feb 2015 15:52:23 +0000 (16:52 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 19 Mar 2015 12:58:35 +0000 (12:58 +0000)
commitc0334c2c92dd1bc3ad8138ba6e74006c3631b0f9
tree9778d7664f23e5d7e937b56606b53b3bb9bdd93d
parentc3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1
PKCS#7: avoid NULL pointer dereferences with missing content

In PKCS#7, the ASN.1 content component is optional.
This typically applies to inner content (detached signatures),
however we must also handle unexpected missing outer content
correctly.

This patch only addresses functions reachable from parsing,
decryption and verification, and functions otherwise associated
with reading potentially untrusted data.

Correcting all low-level API calls requires further work.

CVE-2015-0289

Thanks to Michal Zalewski (Google) for reporting this issue.

Reviewed-by: Steve Henson <steve@openssl.org>
crypto/pkcs7/pk7_doit.c
crypto/pkcs7/pk7_lib.c