Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CMS_decrypt_set1_*(): fix NULL deref on unsuitable content type
Fixes #19975 for CMS_decrypt_set1_pkey_and_peer() in the obvious way, and a related potential crash in CMS_decrypt_set1_password(). The point is that the input might have an unexpected content type, so a guard is needed at both places after `ec` is obtained. Note that in CMS_decrypt_set1_pkey_and_peer() there was no such ec != NULL guard for ``` if (ris != NULL) debug = ec->debug; ``` maybe because it is implied here by ris != NULL. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from #20209)
- Loading branch information