PEM_read_PUBKEY does memory corruption on malformed input - security issue?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello openssl users,

I amusing PEM_read_PUBKEY to read following PEM from file:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqIBCgKCAQEA17SFrRcnYAjmxioP28zrouMe+CN0oQIDAQAB
-----END PUBLIC KEY-----

The content is invalid - I know, but after that memory in program code is corrupted. Functions they usually work fine does:

(process:12463): libsoup-CRITICAL **: 07:05:00.453: soup_connection_get_ever_used: assertion 'SOUP_IS_CONNECTION (conn)' failed
(process:12463): libsoup-WARNING **: 07:05:06.026: (../libsoup-2.74.2/libsoup/soup-session.c:2023):soup_session_process_queue_item: runtime check failed: (item->new_api)

Any recommendations? Help would be appreciated. 

Thanks in advance - Sascha 
-- 
Mit freundlichen Grüßen • With best regards - Sascha Dierberg Senior Software Engineer
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux