[openssl/openssl] 2502e7: Ensure ASN1 types are checked before use.
0 views
Skip to first unread message
Bob Beck
Jan 13, 2026, 6:13:38 AM (yesterday) Jan 13
to openssl...@openssl.org
Branch: refs/heads/openssl-3.5
Home: https://github.com/openssl/openssl
Commit: 2502e7b7d4c0cf4f972a881641fe09edc67aeec4
https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
Author: Bob Beck <be...@openssl.org>
Date: 2026-01-13 (Tue, 13 Jan 2026)
Changed paths:
M apps/s_client.c
M crypto/pkcs12/p12_kiss.c
M crypto/pkcs7/pk7_doit.c
Log Message:
-----------
Ensure ASN1 types are checked before use.
Some of these were fixed by LibreSSL in commit https://github.com/openbsd/src/commit/aa1f637d454961d22117b4353f98253e984b3ba8
this fix includes the other fixes in that commit, as well as fixes for others found by a scan
for a similar unvalidated access paradigm in the tree.
Reviewed-by: Kurt Roeckx <ku...@roeckx.be>
Reviewed-by: Shane Lontis <shane....@oracle.com>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29582)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Home: https://github.com/openssl/openssl
Commit: 2502e7b7d4c0cf4f972a881641fe09edc67aeec4
https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4
Author: Bob Beck <be...@openssl.org>
Date: 2026-01-13 (Tue, 13 Jan 2026)
Changed paths:
M apps/s_client.c
M crypto/pkcs12/p12_kiss.c
M crypto/pkcs7/pk7_doit.c
Log Message:
-----------
Ensure ASN1 types are checked before use.
Some of these were fixed by LibreSSL in commit https://github.com/openbsd/src/commit/aa1f637d454961d22117b4353f98253e984b3ba8
this fix includes the other fixes in that commit, as well as fixes for others found by a scan
for a similar unvalidated access paradigm in the tree.
Reviewed-by: Kurt Roeckx <ku...@roeckx.be>
Reviewed-by: Shane Lontis <shane....@oracle.com>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29582)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Reply all
Reply to author
Forward
0 new messages