openssl/crypto/pkcs12
Matt Caswell 041962b429 Add NULL checks where ContentInfo data can be NULL
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23361)
2024-01-25 15:27:43 +00:00
..
build.info
p12_add.c Add NULL checks where ContentInfo data can be NULL 2024-01-25 15:27:43 +00:00
p12_asn.c
p12_attr.c
p12_crpt.c
p12_crt.c
p12_decr.c Add appropriate NULL checks in EVP_CIPHER api 2024-01-25 08:27:53 -05:00
p12_init.c
p12_key.c
p12_kiss.c
p12_local.h
p12_mutl.c Add NULL checks where ContentInfo data can be NULL 2024-01-25 15:27:43 +00:00
p12_npas.c Add NULL checks where ContentInfo data can be NULL 2024-01-25 15:27:43 +00:00
p12_p8d.c
p12_p8e.c
p12_sbag.c
p12_utl.c
pk12err.c