CMS_decrypt*(): fix misconceptions and memory leak - backport to v3.0 and 3.1
#20209
Commits on Feb 3, 2023
-
CMS_decrypt*(): fix misconceptions and mem leak
Also document CMS_decrypt_set1_password() and fix CMS_EnvelopedData_create.pod.
-
CMS_decrypt_set1_*(): remove misleading error queue entry when recipi…
…ent mismatch was not the issue
-
CMS_decrypt_set1_*(): fix NULL deref on unsuitable content type
Fixes openssl#19975 for CMS_decrypt_set1_pkey_and_peer() in the obvious way, and a related potential crash in CMS_decrypt_set1_password(). The point is that the input might have an unexpected content type, so a guard is needed at both places after `ec` is obtained. Note that in CMS_decrypt_set1_pkey_and_peer() there was no such ec != NULL guard for ``` if (ris != NULL) debug = ec->debug; ``` maybe because it is implied here by ris != NULL.
Commits on Feb 23, 2023
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.