CMS_decrypt*(): fix misconceptions and memory leak - backport to v3.0 and 3.1
#20209
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Also document CMS_decrypt_set1_password() and fix CMS_EnvelopedData_create.pod.
…ent mismatch was not the issue
Fixes openssl#19975 for CMS_decrypt_set1_pkey_and_peer() in the obvious way, and a related potential crash in CMS_decrypt_set1_password(). The point is that the input might have an unexpected content type, so a guard is needed at both places after `ec` is obtained. Note that in CMS_decrypt_set1_pkey_and_peer() there was no such ec != NULL guard for ``` if (ris != NULL) debug = ec->debug; ``` maybe because it is implied here by ris != NULL.
DDvO
added
approval: review pending
This was referenced Feb 3, 2023
t8m
approved these changes
Feb 6, 2023
t8m
removed
the
approval: otc review pending
paulidale
reviewed
Feb 21, 2023
paulidale
approved these changes
Feb 23, 2023
paulidale
added
approval: done
|
AFAICT, the CI failures are not relevant? |
Yep, since months I see one or two if those Windows runs fail on most PRs, |
|
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
DDvO
added
approval: ready to merge
openssl-machine
pushed a commit
that referenced
this pull request
Feb 24, 2023
Also document CMS_decrypt_set1_password() and fix CMS_EnvelopedData_create.pod. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from #20209)
openssl-machine
pushed a commit
that referenced
this pull request
Feb 24, 2023
…ecryption key Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from #20209)
openssl-machine
pushed a commit
that referenced
this pull request
Feb 24, 2023
…ent mismatch was not the issue Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from #20209)
openssl-machine
pushed a commit
that referenced
this pull request
Feb 24, 2023
Fixes #19975 for CMS_decrypt_set1_pkey_and_peer() in the obvious way, and a related potential crash in CMS_decrypt_set1_password(). The point is that the input might have an unexpected content type, so a guard is needed at both places after `ec` is obtained. Note that in CMS_decrypt_set1_pkey_and_peer() there was no such ec != NULL guard for ``` if (ris != NULL) debug = ec->debug; ``` maybe because it is implied here by ris != NULL. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from #20209)
openssl-machine
pushed a commit
that referenced
this pull request
Feb 24, 2023
Fixes #19975 for CMS_decrypt_set1_pkey_and_peer() in the obvious way, and a related potential crash in CMS_decrypt_set1_password(). The point is that the input might have an unexpected content type, so a guard is needed at both places after `ec` is obtained. Note that in CMS_decrypt_set1_pkey_and_peer() there was no such ec != NULL guard for ``` if (ris != NULL) debug = ec->debug; ``` maybe because it is implied here by ris != NULL. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from #20209) (cherry picked from commit ceb767b)
|
Merged to 3.0 and cherry-picked to 3.1 - thanks @t8m and @paulidale for the approvals. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a backport of #19222 as motivated by #19222 (comment).
It also includes the fixup done in #19981.