Hanno Böck
5e0ec9012b
Call of memcmp with null pointers in obj_cmp() ...
The function obj_cmp() (file crypto/objects/obj_dat.c) can in some
situations call memcmp() with a null pointer and a zero length.
This is invalid behaviour. When compiling openssl with undefined
behaviour sanitizer (add -fsanitize=undefined to compile flags) this
can be seen. One example that triggers this behaviour is the pkcs7
command (but there are others, e.g. I've seen it with the timestamp
function):
apps/openssl pkcs7 -in test/testp7.pem
What happens is that obj_cmp takes objects of the type ASN1_OBJECT and
passes their ->data pointer to memcmp. Zero-sized ASN1_OBJECT
structures can have a null pointer as data.
RT#3816
Signed-off-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 2b8dc08b74fc3c6d4c2fc855cc23bac691d985be)
2015-05-13 15:32:23 +01:00
2015-03-13 21:14:56 -07:00
2015-04-18 14:44:17 +01:00
2015-01-22 09:38:39 +00:00
2015-04-30 23:26:07 +01:00
2015-04-16 13:51:51 -04:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:39:01 +00:00
2015-01-22 09:38:39 +00:00
2015-04-16 13:51:51 -04:00
2015-01-22 09:38:39 +00:00
2015-02-12 13:01:42 -05:00
2015-04-30 23:24:21 +01:00
2015-04-16 13:51:51 -04:00
2015-04-16 13:51:51 -04:00
2015-04-16 13:51:51 -04:00
2015-04-30 23:27:07 +01:00
2015-01-22 09:38:39 +00:00
2015-03-25 12:45:17 +00:00
2015-04-16 18:29:49 +02:00
2015-01-22 09:38:39 +00:00
2015-04-30 23:26:07 +01:00
2015-04-16 13:51:51 -04:00
2015-01-22 09:39:01 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:39:01 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-05-13 15:32:23 +01:00
2015-04-16 13:51:51 -04:00
2015-03-25 15:19:20 +01:00
2012-06-08 09:18:47 +00:00
2015-03-19 12:59:31 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-04-16 13:51:51 -04:00
2015-01-22 09:39:01 +00:00
2015-01-22 09:39:01 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-04-30 23:27:07 +01:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-04-16 13:51:51 -04:00
2015-03-19 13:38:37 +00:00
2015-01-22 09:38:39 +00:00
2015-04-16 13:51:51 -04:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-02-22 09:15:11 +01:00
2015-01-22 09:39:01 +00:00
2015-04-11 20:57:43 +02:00
2015-05-11 12:21:43 +01:00
2008-04-17 10:19:16 +00:00
2011-08-12 12:31:08 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2011-11-14 20:58:01 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-05-02 08:02:06 -04:00
2015-01-22 09:38:39 +00:00
2014-10-15 10:49:24 +02:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-02-09 13:01:28 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2011-11-14 20:45:57 +00:00
2014-10-15 10:49:08 +02:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-13 11:29:11 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-04-22 17:24:47 +01:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:39:01 +00:00
2015-01-22 09:38:39 +00:00
2005-12-16 10:37:24 +00:00
2015-03-19 13:41:07 +00:00
2015-01-22 09:38:39 +00:00
2013-06-30 23:15:53 +02:00
2015-01-22 09:38:39 +00:00
2012-04-27 20:20:15 +00:00
2015-01-22 09:38:39 +00:00
2011-11-14 20:47:22 +00:00
2013-02-11 10:41:57 +01:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2015-01-22 09:38:39 +00:00
2013-01-22 22:54:04 +01:00
2013-03-18 19:50:23 +01:00
5e0ec9012b