mirror of
https://github.com/openssl/openssl.git
synced 2024-12-03 05:41:46 +08:00
041962b429
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are optional and can be NULL even if the "type" is a valid value. OpenSSL was not properly accounting for this and a NULL dereference can occur causing a crash. CVE-2024-0727 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23361) |
||
---|---|---|
.. | ||
bio_pk7.c | ||
build.info | ||
pk7_asn1.c | ||
pk7_attr.c | ||
pk7_doit.c | ||
pk7_lib.c | ||
pk7_local.h | ||
pk7_mime.c | ||
pk7_smime.c | ||
pkcs7err.c |