Branch: refs/heads/openssl-3.0
Home: https://github.openssl.org/openssl/openssl
Commit: caf7a9cbcc7462314427c5594c0a50d457bdf3a5
https://github.openssl.org/openssl/openssl/commit/caf7a9cbcc7462314427c5594c0a50d457bdf3a5
Author: Zhou Qingyang <zhou1...@umn.edu>
Date: 2022-04-21 (Thu, 21 Apr 2022)

Changed paths:
M apps/ocsp.c

Log Message:
-----------
Fix wild pointer dereference in make_ocsp_response()

The function OCSP_basic_add1_status() will return NULL on malloc failure.
However the return value is not checked before being passed to
OCSP_SINGLERESP_add1_ext_i2d(), and there is a wild field pointer,
which could lead to wild pointer dereference.

Fix this by adding return value check

Reviewed-by: Kurt Roeckx <k...@roeckx.be>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18081)

(cherry picked from commit 4d50a5467b0a208c61d163239a3544bae06343ea)