openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix segfault in openssl x509 -modulus 

The command ``openssl x509 -noout -modulus -in cert.pem`` used to segfaults
sometimes because an uninitialized variable was passed to
``BN_lebin2bn``. The bug triggered an assertion in bn_expand_internal().

Fixes: https://github.com/openssl/openssl/issues/15899
Signed-off-by: Christian Heimes <christian@python.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15900)
This commit is contained in:
Christian Heimes 2021-06-24 17:47:30 +02:00 committed by Pauli
parent 15500c9d08
commit 89fe295257
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/x509.c
View File

@ -943,7 +943,7 @@ int x509_main(int argc, char **argv)
} else if (i == modulus) {
BIO_printf(out, "Modulus=");
if (EVP_PKEY_is_a(pkey, "RSA")) {
BIGNUM *n;
BIGNUM *n = NULL;
/* Every RSA key has an 'n' */
EVP_PKEY_get_bn_param(pkey, "n", &n);