openssl/crypto/pkcs7
Matt Caswell 041962b429 Add NULL checks where ContentInfo data can be NULL
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23361)
2024-01-25 15:27:43 +00:00
..
bio_pk7.c
build.info
pk7_asn1.c
pk7_attr.c Fix possible memleak in PKCS7_add0_attrib_signing_time 2023-11-22 09:49:02 +01:00
pk7_doit.c CMS and PKCS7: fix handlling of EVP_PKEY_get_size() failure 2023-10-26 16:03:48 +01:00
pk7_lib.c Copyright year updates 2023-09-07 09:59:15 +01:00
pk7_local.h
pk7_mime.c Add NULL checks where ContentInfo data can be NULL 2024-01-25 15:27:43 +00:00
pk7_smime.c Copyright year updates 2023-09-07 09:59:15 +01:00
pkcs7err.c