Avoid NULL dereference with PKCS7_OP_SET_DETACHED_SIGNATURE

We would dereference p7->d.sign pointer which can be NULL.

Reported by Han Zheng.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26078)
This commit is contained in:
Tomas Mraz 2024-11-28 10:10:28 +01:00
parent 4a4505cc64
commit f2348f1f84

View File

@ -28,6 +28,11 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
/* NOTE(emilia): does not support detached digested data. */
case PKCS7_OP_SET_DETACHED_SIGNATURE:
if (nid == NID_pkcs7_signed) {
if (p7->d.sign == NULL) {
ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
ret = 0;
break;
}
ret = p7->detached = (int)larg;
if (ret && PKCS7_type_is_data(p7->d.sign->contents)) {
ASN1_OCTET_STRING *os;