Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Curl segfaults when failing to get public key from SSL certificate #16468

Closed
tysg opened this issue Feb 25, 2025 · 0 comments
Closed

Curl segfaults when failing to get public key from SSL certificate #16468

tysg opened this issue Feb 25, 2025 · 0 comments
Labels
TLS

Comments

@tysg
Copy link
Contributor

tysg commented Feb 25, 2025

Version: 8.12.0

curl/lib/vtls/openssl.c

Line 4524 in 9391fc1

current_pkey = X509_get0_pubkey(current_cert);

X509_get0_pubkey can fail and return null
https://docs.openssl.org/1.1.1/man3/X509_get_pubkey/#return-values

In this case, curl will segfault at

curl/lib/vtls/openssl.c

Line 4537 in 9391fc1

type_name = EVP_PKEY_get0_type_name(current_pkey); 

$ openssl x509 -in /tmp/cert.pem  -pubkey
Error getting public key
4017346E477F0000:error:03000072:digital envelope routines:X509_PUBKEY_get0:decode error:../crypto/x509/x_pubkey.c:458:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
TLS
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

openssl: check return value of X509_get0_pubkey tysg/curl
2 participants
@bagder @tysg