Overview

File openssl-CVE-2025-69421.patch of Package openssl-1_0_0.42417

From 0a2ecb95993b588d2156dd6527459cc3983aabd5 Mon Sep 17 00:00:00 2001
From: Andrew Dinh <andrewd@openssl.org>
Date: Thu, 8 Jan 2026 01:24:30 +0900
Subject: [PATCH] Add NULL check to PKCS12_item_decrypt_d2i_ex

Address CVE-2025-69421

Add NULL check for oct parameter
---
 crypto/pkcs12/p12_decr.c | 5 +++++
 1 file changed, 5 insertions(+)

Index: openssl-1.0.2p/crypto/pkcs12/p12_decr.c
===================================================================
--- openssl-1.0.2p.orig/crypto/pkcs12/p12_decr.c
+++ openssl-1.0.2p/crypto/pkcs12/p12_decr.c
@@ -133,6 +133,11 @@ void *PKCS12_item_decrypt_d2i(X509_ALGOR
     void *ret;
     int outlen;
 
+    if (oct == NULL) {
+        PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I, PKCS12_R_INVALID_NULL_ARGUMENT);
+        return NULL;
+    }
+
     if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
                           &out, &outlen, 0)) {
         PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,
openSUSE Build Service is sponsored by
Places