File openssl-0010-cms_msgSigDigest.patch of Package openssl-3

Description: Fix CWE-476 (NULL Pointer Dereference) in cms_msgSigDigest
Issue: The pointer 'si' (SignerInfo) is dereferenced to get digestAlgorithm, but the call path allows 'si' to be NULL (e.g., if extracting from a list fails).

Index: openssl-3.6.0/crypto/cms/cms_ess.c
===================================================================
--- openssl-3.6.0.orig/crypto/cms/cms_ess.c
+++ openssl-3.6.0/crypto/cms/cms_ess.c
@@ -218,6 +218,9 @@ void CMS_ReceiptRequest_get0_values(CMS_
 static int cms_msgSigDigest(CMS_SignerInfo *si,
                             unsigned char *dig, unsigned int *diglen)
 {
+    if (si == NULL)
+        return 0;
+
     const EVP_MD *md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
 
     if (md == NULL)
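
Review bot: The new si == NULL check at the top of cms_msgSigDigest is placed ahead of the declaration of md, so the function now has a statement before a declaration. Declare "const EVP_MD *md;" first, then test si, then assign md from EVP_get_digestbyobj(). Note also that the unchanged line dereferences si->digestAlgorithm as well as si, and the added guard covers only si. If digestAlgorithm can be unset on the call path the Description mentions, extend the condition to "si == NULL || si->digestAlgorithm == NULL". The early return 0 is silent. A short comment saying which caller can pass NULL would help a later reader judge whether the guard is still needed.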