diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-06-05 12:11:25 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-06-11 14:52:39 +0100 |
commit | aa5ab40860deb3dc6d4d4c98a4efea99f7040a46 (patch) | |
tree | b212fc80bb346812f639fcad64b02d0d7e4ca811 /crypto/cms | |
parent | 8aa556e1c3b49274ccae579cb584eb5b702a3b0e (diff) | |
download | openssl-aa5ab40860deb3dc6d4d4c98a4efea99f7040a46.tar.gz |
Fix infinite loop in CMS
Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting
to verify and a digest is not recognised. Reported by Johannes Bauer.
CVE-2015-1792
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'crypto/cms')
-rw-r--r-- | crypto/cms/cms_smime.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index 8729e3f9c0..b39ed48998 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -132,7 +132,7 @@ static void do_free_upto(BIO *f, BIO *upto) BIO_free(f); f = tbio; } - while (f != upto); + while (f && f != upto); } else BIO_free_all(f); } |