Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add NULL checks where ContentInfo data can be NULL #23361

Closed
wants to merge 2 commits into from
Closed

Add NULL checks where ContentInfo data can be NULL #23361

wants to merge 2 commits into from

Conversation

mattcaswell
Copy link
Member

PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

@mattcaswell
Add NULL checks where ContentInfo data can be NULL
40c10f4 
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727
@mattcaswell
Add some tests for various PKCS12 files with NULL ContentInfo
e020abc 
PKCS7 ContentInfo fields held within a PKCS12 file can be NULL, even if the
type has been set to a valid value. CVE-2024-0727 is a result of OpenSSL
attempting to dereference the NULL pointer as a result of this.

We add test for various instances of this problem.
@mattcaswell mattcaswell added branch: master Merge to master branch approval: review pending This pull request needs review by a committer approval: otc review pending This pull request needs review by an OTC member triaged: bug The issue/pr is/fixes a bug severity: important Important bugs affecting a released version branch: 3.2 Merge to openssl-3.2 labels Jan 22, 2024
@mattcaswell mattcaswell mentioned this pull request Jan 22, 2024
Closed
@mattcaswell mattcaswell added the tests: present The PR has suitable tests present label Jan 22, 2024
@t8m t8m removed the approval: otc review pending This pull request needs review by an OTC member label Jan 22, 2024
@hlandau hlandau added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Jan 22, 2024
@openssl-machine openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Jan 23, 2024
@openssl-machine
Copy link
Collaborator

This pull request is ready to merge

@mattcaswell
Copy link
Member Author

Pushed to master/3.2

openssl-machine pushed a commit that referenced this pull request Jan 25, 2024
@mattcaswell
Add NULL checks where ContentInfo data can be NULL
041962b 
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from #23361)
openssl-machine pushed a commit that referenced this pull request Jan 25, 2024
@mattcaswell
Add some tests for various PKCS12 files with NULL ContentInfo
8a85df7 
PKCS7 ContentInfo fields held within a PKCS12 file can be NULL, even if the
type has been set to a valid value. CVE-2024-0727 is a result of OpenSSL
attempting to dereference the NULL pointer as a result of this.

We add test for various instances of this problem.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from #23361)
openssl-machine pushed a commit that referenced this pull request Jan 25, 2024
@mattcaswell
Add NULL checks where ContentInfo data can be NULL
775acfd 
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from #23361)

(cherry picked from commit 041962b)
openssl-machine pushed a commit that referenced this pull request Jan 25, 2024
@mattcaswell
Add some tests for various PKCS12 files with NULL ContentInfo
3daedcf 
PKCS7 ContentInfo fields held within a PKCS12 file can be NULL, even if the
type has been set to a valid value. CVE-2024-0727 is a result of OpenSSL
attempting to dereference the NULL pointer as a result of this.

We add test for various instances of this problem.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from #23361)

(cherry picked from commit 8a85df7)
dongbeiouba added a commit to dongbeiouba/Tongsuo that referenced this pull request Mar 8, 2024
@dongbeiouba
Add NULL checks where ContentInfo data can be NULL
46fab3b 
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from openssl/openssl#23361)
dongbeiouba added a commit to dongbeiouba/Tongsuo that referenced this pull request Mar 8, 2024
@dongbeiouba
Add some tests for various PKCS12 files with NULL ContentInfo
bbe6b1d 
PKCS7 ContentInfo fields held within a PKCS12 file can be NULL, even if the
type has been set to a valid value. CVE-2024-0727 is a result of OpenSSL
attempting to dereference the NULL pointer as a result of this.

We add test for various instances of this problem.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from openssl/openssl#23361)
dongbeiouba added a commit to dongbeiouba/Tongsuo that referenced this pull request Mar 15, 2024
@dongbeiouba
Add NULL checks where ContentInfo data can be NULL
ea42673 
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from openssl/openssl#23361)
dongbeiouba added a commit to dongbeiouba/Tongsuo that referenced this pull request Mar 15, 2024
@dongbeiouba
Add some tests for various PKCS12 files with NULL ContentInfo
5c18cda 
PKCS7 ContentInfo fields held within a PKCS12 file can be NULL, even if the
type has been set to a valid value. CVE-2024-0727 is a result of OpenSSL
attempting to dereference the NULL pointer as a result of this.

We add test for various instances of this problem.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from openssl/openssl#23361)
dongbeiouba added a commit to dongbeiouba/Tongsuo that referenced this pull request Mar 25, 2024
@dongbeiouba
Add NULL checks where ContentInfo data can be NULL
54d2844 
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from openssl/openssl#23361)
dongbeiouba added a commit to dongbeiouba/Tongsuo that referenced this pull request Mar 25, 2024
@dongbeiouba
Add some tests for various PKCS12 files with NULL ContentInfo
6d2c142 
PKCS7 ContentInfo fields held within a PKCS12 file can be NULL, even if the
type has been set to a valid value. CVE-2024-0727 is a result of OpenSSL
attempting to dereference the NULL pointer as a result of this.

We add test for various instances of this problem.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from openssl/openssl#23361)
dongbeiouba added a commit to dongbeiouba/Tongsuo that referenced this pull request Mar 25, 2024
@dongbeiouba
Add NULL checks where ContentInfo data can be NULL
3e098a1 
PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

CVE-2024-0727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from openssl/openssl#23361)
dongbeiouba added a commit to dongbeiouba/Tongsuo that referenced this pull request Mar 25, 2024
@dongbeiouba
Add some tests for various PKCS12 files with NULL ContentInfo
2685b0b 
PKCS7 ContentInfo fields held within a PKCS12 file can be NULL, even if the
type has been set to a valid value. CVE-2024-0727 is a result of OpenSSL
attempting to dereference the NULL pointer as a result of this.

We add test for various instances of this problem.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from openssl/openssl#23361)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nhorman nhorman nhorman approved these changes

@hlandau hlandau hlandau approved these changes

@t8m t8m t8m approved these changes

Assignees
No one assigned
Labels
approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Merge to master branch branch: 3.2 Merge to openssl-3.2 severity: important Important bugs affecting a released version tests: present The PR has suitable tests present triaged: bug The issue/pr is/fixes a bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@mattcaswell @openssl-machine @nhorman @hlandau @t8m