openssl/crypto/pem
Matt Caswell ee6243f394 Avoid dangling ptrs in header and data params for PEM_read_bio_ex
In the event of a failure in PEM_read_bio_ex() we free the buffers we
allocated for the header and data buffers. However we were not clearing
the ptrs stored in *header and *data. Since, on success, the caller is
responsible for freeing these ptrs this can potentially lead to a double
free if the caller frees them even on failure.

Thanks to Dawei Wang for reporting this issue.

Based on a proposed patch by Kurt Roeckx.

CVE-2022-4450

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2023-02-07 17:05:10 +01:00
build.info unified build scheme: add build.info files 2016-02-01 12:46:58 +01:00
pem_all.c Rename OSSL_ENCODER_CTX_new_by_EVP_PKEY and OSSL_DECODER_CTX_new_by_EVP_PKEY 2021-02-17 15:26:12 +01:00
pem_err.c err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
pem_info.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
pem_lib.c Avoid dangling ptrs in header and data params for PEM_read_bio_ex 2023-02-07 17:05:10 +01:00
pem_local.h Decoding PKCS#8: separate decoding of encrypted and unencrypted PKCS#8 2021-06-09 17:00:10 +02:00
pem_oth.c Update copyright year 2020-11-26 14:18:57 +00:00
pem_pk8.c Update copyright year 2022-05-03 13:34:51 +01:00
pem_pkey.c When using PEM_read_bio_PrivateKey_ex() the public key is optional 2022-11-25 10:32:18 +01:00
pem_sign.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
pem_x509.c Following the license change, modify the boilerplates in crypto/pem/ 2018-12-06 15:09:09 +01:00
pem_xaux.c Following the license change, modify the boilerplates in crypto/pem/ 2018-12-06 15:09:09 +01:00
pvkfmt.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00