diff options
author | Viliam Lejčík <lejcik@gmail.com> | 2024-02-19 21:39:05 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-03-25 18:26:24 +0100 |
commit | a4cbffcd8998180b98bb9f7ce6065ed37d079d8b (patch) | |
tree | f37869b64e67b54d8d516e8233e8732099f5d0c0 /apps | |
parent | 87e747000fef07c9ec43877bc5e9f2ca34f76a3b (diff) |
Add NULL check before accessing PKCS7 encrypted algorithm
Printing content of an invalid test certificate causes application crash, because of NULL dereference:
user@user:~/openssl$ openssl pkcs12 -in test/recipes/80-test_pkcs12_data/bad2.p12 -passin pass: -info
MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: Segmentation fault (core dumped)
Added test cases for pkcs12 bad certificates
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23632)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/pkcs12.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 117b673643..64bd8f53cd 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -901,7 +901,11 @@ int dump_certs_keys_p12(BIO *out, const PKCS12 *p12, const char *pass, } else if (bagnid == NID_pkcs7_encrypted) { if (options & INFO) { BIO_printf(bio_err, "PKCS7 Encrypted data: "); - alg_print(p7->d.encrypted->enc_data->algorithm); + if (p7->d.encrypted == NULL) { + BIO_printf(bio_err, "<no data>\n"); + } else { + alg_print(p7->d.encrypted->enc_data->algorithm); + } } bags = PKCS12_unpack_p7encdata(p7, pass, passlen); } else { |