Repair a regression in OpenSSL 0.9.7d: processing an unsigned PKCS#7

object could cause a null pointer dereference. Obtained from: OpenSSL CVS (change number 12080) MFC After: 1 day Reported by: Daniel Lang <dl@leo.org>
author: nectar <nectar@FreeBSD.org> 2004-04-05 19:01:57 +0000
committer: nectar <nectar@FreeBSD.org> 2004-04-05 19:01:57 +0000
commit: 4f072b64b04de8c02478d60870f51a58946761e3 (patch)
tree: 5a9a82c71ef0fc15017418af46043d19dc20f923 /crypto/openssl
parent: 0f095e8a2af65fdcbf4af38dc6a00383e2fd6b3f (diff)
download: FreeBSD-src-4f072b64b04de8c02478d60870f51a58946761e3.zip
FreeBSD-src-4f072b64b04de8c02478d60870f51a58946761e3.tar.gz
1 files changed, 9 insertions, 4 deletions
diff --git a/crypto/openssl/crypto/pkcs7/pk7_doit.c b/crypto/openssl/crypto/pkcs7/pk7_doit.c
index 35c7dcd..b78e228 100644
--- a/crypto/openssl/crypto/pkcs7/pk7_doit.c
+++ b/crypto/openssl/crypto/pkcs7/pk7_doit.c
@@ -257,10 +257,15 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 			bio=BIO_new(BIO_s_null());
 		else
 			{
-			ASN1_OCTET_STRING *os;
-			os = PKCS7_get_octet_string(p7->d.sign->contents);
-			if (os && os->length > 0)
-				bio = BIO_new_mem_buf(os->data, os->length);
+			if (PKCS7_type_is_signed(p7))
+				{
+				ASN1_OCTET_STRING *os;
+				os = PKCS7_get_octet_string(
+							p7->d.sign->contents);
+				if (os && os->length > 0)
+					bio = BIO_new_mem_buf(os->data,
+								os->length);
+				}
 			if(bio == NULL)
 				{
 				bio=BIO_new(BIO_s_mem());
author	nectar <nectar@FreeBSD.org>	2004-04-05 19:01:57 +0000
committer	nectar <nectar@FreeBSD.org>	2004-04-05 19:01:57 +0000
commit	4f072b64b04de8c02478d60870f51a58946761e3 (patch)
tree	5a9a82c71ef0fc15017418af46043d19dc20f923 /crypto/openssl
parent	0f095e8a2af65fdcbf4af38dc6a00383e2fd6b3f (diff)
download	FreeBSD-src-4f072b64b04de8c02478d60870f51a58946761e3.zip FreeBSD-src-4f072b64b04de8c02478d60870f51a58946761e3.tar.gz