We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
There is a potential null-dereference when calling BN_num_bits. Calling this API with a NULL pointer cause NULL-dereference.
It's better to check if n is NULL before calling this API.
master
ubuntu
The text was updated successfully, but these errors were encountered:
You mean something like this?
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 9f9c8d136..6be86f871 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -536,13 +536,13 @@ CURLcode Curl_ossl_certchain(struct Curl_easy *data, SSL *ssl) EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_RSA_N, &n); EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_RSA_E, &e); #else RSA_get0_key(rsa, &n, &e, NULL); #endif /* HAVE_EVP_PKEY_GET_PARAMS */ - BIO_printf(mem, "%d", BN_num_bits(n)); + BIO_printf(mem, "%d", n ? BN_num_bits(n) : 0); #else - BIO_printf(mem, "%d", BN_num_bits(rsa->n)); + BIO_printf(mem, "%d", rsa->n ? BN_num_bits(rsa->n) : 0); #endif /* HAVE_OPAQUE_RSA_DSA_DH */ push_certinfo("RSA Public Key", i); print_pubkey_BN(rsa, n, i); print_pubkey_BN(rsa, e, i); FREE_PKEY_PARAM_BIGNUM(n);
Sorry, something went wrong.
openssl: avoid BN_num_bits() NULL pointer derefs
b9f60e0
Reported-by: icy17 on github Fixes #12099
Yes, you're correct!
b9f832e
Successfully merging a pull request may close this issue.
I did this
There is a potential null-dereference when calling BN_num_bits. Calling this API with a NULL pointer cause NULL-dereference.
I expected the following
It's better to check if n is NULL before calling this API.
curl/libcurl version
master
operating system
ubuntu
The text was updated successfully, but these errors were encountered: