[31285] in CVS-changelog-for-Kerberos-V5
krb5 commit: In PKINIT, check for null PKCS7 enveloped fields
daemon@ATHENA.MIT.EDU (ghudson@mit.edu)
Thu Nov 30 17:19:10 2023
From: ghudson@mit.edu
To: <cvs-krb5@mit.edu>
Message-ID: <20231130221857.94ACB101856@krbdev.mit.edu>
Date: Thu, 30 Nov 2023 17:18:57 -0500 (EST)
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/48ccd81656381522d1f9ccb8705c13f0266a46ab
commit 48ccd81656381522d1f9ccb8705c13f0266a46ab
Author: Greg Hudson <ghudson@mit.edu>
Date: Sat Nov 25 11:04:56 2023 -0500
In PKINIT, check for null PKCS7 enveloped fields
The PKCS7 ContentInfo content field and EncryptedContentInfo
encryptedContent field are optional. Check for null values in
cms_envelopeddata_verify() before calling pkcs7_decrypt(). Reported
by Bahaa Naamneh.
ticket: 9107 (new)
tags: pullup
target_version: 1.21-next
target_version: 1.20-next
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index 453b1119a..15c6cd8c4 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -2464,7 +2464,9 @@ cms_envelopeddata_verify(krb5_context context,
}
/* verify that the received message is PKCS7 EnvelopedData message */
- if (OBJ_obj2nid(p7->type) != NID_pkcs7_enveloped) {
+ if (OBJ_obj2nid(p7->type) != NID_pkcs7_enveloped ||
+ p7->d.enveloped == NULL ||
+ p7->d.enveloped->enc_data->enc_data == NULL) {
pkiDebug("Expected id-enveloped PKCS7 msg (received type = %d)\n",
OBJ_obj2nid(p7->type));
krb5_set_error_message(context, retval, "wrong oid\n");
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
