openssl - Mirror of https://github.com/openssl/openssl

diff options

author	Matt Caswell <matt@openssl.org>	2022-12-14 16:18:14 +0000
committer	Tomas Mraz <tomas@openssl.org>	2023-02-07 17:05:10 +0100
commit	9cc85002a1138235bdc272b837d7eb32d6b7aa95 (patch)
tree	2d8278243a452cb1c7e6abd2d0acc592333f5b0d /test/recipes/80-test_cms.t
parent	dc341a46677fe19f055bd2eea0e3a2af21053903 (diff)

Fix a UAF resulting from a bug in BIO_new_NDEF

If the aux->asn1_cb() call fails in BIO_new_NDEF then the "out" BIO will be part of an invalid BIO chain. This causes a "use after free" when the BIO is eventually freed. Based on an original patch by Viktor Dukhovni and an idea from Theo Buehler. Thanks to Octavio Galland for reporting this issue. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>

Diffstat (limited to 'test/recipes/80-test_cms.t')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: