#1 2024-06-19 12:46:21

EMartin
Member
From: Buenos Aires - Argentina
Registered: 2013-01-09
Posts: 337

Fix bug in OpenSslLoad

Hi @ab, I found a bug in the function mormot.crypt.openssl.OpenSslLoad.

function OpenSslLoad(const Cert: RawByteString): ICryptCert;
var
  x: PX509;
  der: RawByteString;
begin
  result := nil;
  der := PemToDer(Cert);
  if not AsnDecChunk(der) then // basic input validation !!! HERE, the parameter must be `der` instead of `Cert`
    exit;
  x := LoadCertificate(der);
  if x <> nil then
    result := CryptCertOpenSsl[X509Algo(x)].FromHandle(x);
end;

Esteban

Offline

#2 2024-06-19 13:11:47

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,710
Website

Re: Fix bug in OpenSslLoad

You are right.

It should be fixed with
https://github.com/synopse/mORMot2/commit/52d3af0f

Offline

Board footer

Powered by FluxBB