Re: PEM_read_PUBKEY does memory corruption on malformed input - security issue?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks for the reply, see https://github.com/openssl/openssl/issues/22349 too. 

Am 11.10.2023 um 17:43 schrieb Viktor Dukhovni:

On Wed, Oct 11, 2023 at 10:12:48AM +0200, Sascha Dierberg wrote:


I am using PEM_read_PUBKEY to read following PEM from file:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqIBCgKCAQEA17SFrRcnYAjmxioP28zrouMe+CN0oQIDAQAB
-----END PUBLIC KEY-----

The content is invalid - I know, but after that memory in program code is
corrupted. Functions they usually work fine does:

Without posting the concrete code that attempts to read the file, no
help is possible.

     - What inputs are you passing to the PEM_read_PUBKEY function?
     - How are the various inputs initialised?
     - What does your code do on error?
     - Just in case, though unlikely to matter, what version of OpenSSL
       are you using?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux