mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix possible infinite loop in pem_read_bio_key_decoder()

Browse Source 
There could be an infinite loop if no read happened.

Fixes #15426

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15441)
This commit is contained in:
Tomas Mraz 2021-05-24 18:47:45 +02:00
parent b59b2f93a1
commit 07f65429c3
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
crypto/pem/pem_pkey.c
View File

@ -36,6 +36,11 @@ static EVP_PKEY *pem_read_bio_key_decoder(BIO *bp, EVP_PKEY **x,
{
EVP_PKEY *pkey = NULL;
OSSL_DECODER_CTX *dctx = NULL;
int pos, newpos;
if ((pos = BIO_tell(bp)) < 0)
/* We can depend on BIO_tell() thanks to the BIO_f_readbuffer() */
return NULL;
dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, "PEM", NULL, NULL,
selection, libctx, propq);
@ -50,8 +55,10 @@ static EVP_PKEY *pem_read_bio_key_decoder(BIO *bp, EVP_PKEY **x,
goto err;
while (!OSSL_DECODER_from_bio(dctx, bp) || pkey == NULL)
if (BIO_eof(bp) != 0)
if (BIO_eof(bp) != 0 || (newpos = BIO_tell(bp)) < 0 || newpos <= pos)
goto err;
else
pos = newpos;
if (!evp_keymgmt_util_has(pkey, selection)) {
EVP_PKEY_free(pkey);