List Info

Thread: OpenSSL: OpenSSL_0_9_7-stable: openssl/crypto/evp/ p5_crpt2.c
OpenSSL: OpenSSL_0_9_7-stable: openssl/crypto/evp/ p5_crpt2.c
user name
 2006-04-15 17:42:46 
  OpenSSL CVS Repository
  http://cvs.openssl.org/
 
____________________________________________________________
________________

  Server: cvs.openssl.org                  Name:   Dr.
Stephen Henson
  Root:   /v/openssl/cvs                   Email:  steveopenssl.org
  Module: openssl                          Date:  
15-Apr-2006 19:42:46
  Branch: OpenSSL_0_9_7-stable             Handle:
2006041518424600

  Modified files:           (Branch: OpenSSL_0_9_7-stable)
    openssl/crypto/evp      p5_crpt2.c

  Log:
    Check pbe2->keyfunc->parameter is not NULL before
dereferencing.
    
    PR: 1316

  Summary:
    Revision    Changes     Path
    1.12.2.5    +8  -3      openssl/crypto/evp/p5_crpt2.c
 
____________________________________________________________
________________

  patch -p0 <<' .'
  Index: openssl/crypto/evp/p5_crpt2.c
 
============================================================
================
  $ cvs diff -u -r1.12.2.4 -r1.12.2.5 p5_crpt2.c
  --- openssl/crypto/evp/p5_crpt2.c	28 Nov 2002 08:08:20
-0000	1.12.2.4
  +++ openssl/crypto/evp/p5_crpt2.c	15 Apr 2006 17:42:46
-0000	1.12.2.5
   -194,11 +194,16 
   
   	/* Now decode key derivation function */
   
  +	if(!pbe2->keyfunc->parameter ||
  +		 (pbe2->keyfunc->parameter->type !=
V_ASN1_SEQUENCE))
  +		{
  +		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
  +		goto err;
  +		}
  +
   	pbuf =
pbe2->keyfunc->parameter->value.sequence->data;
   	plen =
pbe2->keyfunc->parameter->value.sequence->length
;
  -	if(!pbe2->keyfunc->parameter ||
  -		 (pbe2->keyfunc->parameter->type !=
V_ASN1_SEQUENCE) ||
  -				!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
  +	if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
   		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
   		goto err;
   	}
   .
____________________________________________________________
__________
OpenSSL Project                                 http://www.openssl.org
CVS Repository Commit List                    
openssl-cvsopenssl.org
Automated List Manager                          
majordomoopenssl.org
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )