mirror of
https://github.com/openssl/openssl.git
synced 2024-12-21 06:09:35 +08:00
041962b429
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are optional and can be NULL even if the "type" is a valid value. OpenSSL was not properly accounting for this and a NULL dereference can occur causing a crash. CVE-2024-0727 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23361) |
||
---|---|---|
.. | ||
build.info | ||
p12_add.c | ||
p12_asn.c | ||
p12_attr.c | ||
p12_crpt.c | ||
p12_crt.c | ||
p12_decr.c | ||
p12_init.c | ||
p12_key.c | ||
p12_kiss.c | ||
p12_local.h | ||
p12_mutl.c | ||
p12_npas.c | ||
p12_p8d.c | ||
p12_p8e.c | ||
p12_sbag.c | ||
p12_utl.c | ||
pk12err.c |