git.schokokeks.org
Repositories
Help
Report an Issue
keks-overlay.git
Code
Commits
Branches
Tags
Suche
Strukturansicht:
19312ae
Branches
Tags
master
keks-overlay.git
dev-libs
openssl
files
openssl-1.0.2-CVE-2015-0288.patch
openssl update
Hanno Böck
commited
19312ae
at 2015-03-19 20:46:20
openssl-1.0.2-CVE-2015-0288.patch
Blame
History
Raw
https://bugs.gentoo.org/542038 From 28a00bcd8e318da18031b2ac8778c64147cd54f9 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" <steve@openssl.org> Date: Wed, 18 Feb 2015 00:34:59 +0000 Subject: [PATCH] Check public key is not NULL. CVE-2015-0288 PR#3708 Reviewed-by: Matt Caswell <matt@openssl.org> --- crypto/x509/x509_req.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index bc6e566..01795f4 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) goto err; pktmp = X509_get_pubkey(x); + if (pktmp == NULL) + goto err; i = X509_REQ_set_pubkey(ret, pktmp); EVP_PKEY_free(pktmp); if (!i) -- 2.3.1