openssl/crypto/pem
Matt Caswell ee6243f394 Avoid dangling ptrs in header and data params for PEM_read_bio_ex
In the event of a failure in PEM_read_bio_ex() we free the buffers we
allocated for the header and data buffers. However, we were not clearing
the ptrs stored in *header and *data. Since, on success, the caller is
responsible for freeing these ptrs, this can potentially lead to a double
free if the caller frees them even on failure.

Thanks to Dawei Wang for reporting this issue.

Based on a proposed patch by Kurt Roeckx.

CVE-2022-4450

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2023-02-07 17:05:10 +01:00
build.info
pem_all.c
pem_err.c
pem_info.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
pem_lib.c Avoid dangling ptrs in header and data params for PEM_read_bio_ex 2023-02-07 17:05:10 +01:00
pem_local.h
pem_oth.c
pem_pk8.c Update copyright year 2022-05-03 13:34:51 +01:00
pem_pkey.c When using PEM_read_bio_PrivateKey_ex() the public key is optional 2022-11-25 10:32:18 +01:00
pem_sign.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
pem_x509.c
pem_xaux.c
pvkfmt.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00