Re: PEM_read_PUBKEY does memory corruption on malformed input - security issue?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Oct 11, 2023 at 10:12:48AM +0200, Sascha Dierberg wrote:

> I am using PEM_read_PUBKEY to read following PEM from file:
> 
> -----BEGIN PUBLIC KEY-----
> MIIBIjANBgkqIBCgKCAQEA17SFrRcnYAjmxioP28zrouMe+CN0oQIDAQAB
> -----END PUBLIC KEY-----
> 
> The content is invalid - I know, but after that memory in program code is
> corrupted. Functions they usually work fine does:

Without posting the concrete code that attempts to read the file, no
help is possible.

    - What inputs are you passing to the PEM_read_PUBKEY function?
    - How are the various inputs initialised?
    - What does your code do on error?
    - Just in case, though unlikely to matter, what version of OpenSSL
      are you using?

-- 
    Viktor.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux