From: Dr. Stephen Henson Date: Fri, 5 Jun 2015 11:11:25 +0000 (+0100) Subject: Fix infinite loop in CMS X-Git-Tag: OpenSSL_0_9_8zg~4 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=92f9a8bf3844359bb50d86dab92bc24b074d350d;p=oweals%2Fopenssl.git Fix infinite loop in CMS Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting to verify and a digest is not recognised. Reported by Johannes Bauer. CVE-2015-1792 Reviewed-by: Matt Caswell --- diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index ecb05c437e..9717789e3c 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -131,7 +131,7 @@ static void do_free_upto(BIO *f, BIO *upto) BIO_free(f); f = tbio; } - while (f != upto); + while (f && f != upto); } else BIO_free_all(f); }