diff options
| -rw-r--r-- | lib/libcrypto/pkcs7/pk7_doit.c | 4 | ||||
| -rw-r--r-- | lib/libcrypto/ts/ts_rsp_verify.c | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/lib/libcrypto/pkcs7/pk7_doit.c b/lib/libcrypto/pkcs7/pk7_doit.c index d6fcaca745a..2c69edf4997 100644 --- a/lib/libcrypto/pkcs7/pk7_doit.c +++ b/lib/libcrypto/pkcs7/pk7_doit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pk7_doit.c,v 1.34 2015/07/18 14:40:59 miod Exp $ */ +/* $OpenBSD: pk7_doit.c,v 1.35 2015/07/19 18:25:59 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1187,6 +1187,8 @@ PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk) if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest))) return NULL; + if (astype->type != V_ASN1_OCTET_STRING) + return NULL; return astype->value.octet_string; } diff --git a/lib/libcrypto/ts/ts_rsp_verify.c b/lib/libcrypto/ts/ts_rsp_verify.c index 797877011c2..204c6a9df8b 100644 --- a/lib/libcrypto/ts/ts_rsp_verify.c +++ b/lib/libcrypto/ts/ts_rsp_verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ts_rsp_verify.c,v 1.15 2015/07/19 05:42:55 miod Exp $ */ +/* $OpenBSD: ts_rsp_verify.c,v 1.16 2015/07/19 18:25:59 miod Exp $ */ /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL * project 2002. */ @@ -312,6 +312,8 @@ ESS_get_signing_cert(PKCS7_SIGNER_INFO *si) NID_id_smime_aa_signingCertificate); if (!attr) return NULL; + if (attr->type != V_ASN1_SEQUENCE) + return NULL; p = attr->value.sequence->data; return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length); } |