From 47b9aaa61c439449f9a39f6de5c19cbbc88629db Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Wed, 25 Mar 2026 10:28:45 +0100
Subject: [PATCH] pkcs5/pkcs7: Avoid NULL pointer dereference when verifying padding
Can be triggered via empty PKCS#7 encrypted- or enveloped-data content in IKEv1 CERT payload.
Fixes: 4076e3ee9121 ("Extract PKCS#5 handling from pkcs8 plugin to separate helper class")
Fixes: d7aa09104f08 ("Implement PKCS#7 enveloped-data parsing and decryption")
Fixes: CVE-2026-35329
---
 src/libstrongswan/crypto/pkcs5.c | 5 +++++
 .../plugins/pkcs7/pkcs7_enveloped_data.c | 14 +++++++++++---
 2 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/src/libstrongswan/crypto/pkcs5.c b/src/libstrongswan/crypto/pkcs5.c
index e48a9ad9d438..4851d3f969bd 100644
--- a/src/libstrongswan/crypto/pkcs5.c
+++ b/src/libstrongswan/crypto/pkcs5.c
@@ -113,6 +113,11 @@ static bool verify_padding(crypter_t *crypter, chunk_t *blob)
 {
 uint8_t padding, count;
+ if (!blob->len)
+ {
+ return FALSE;
+ }
+
 padding = count = blob->ptr[blob->len - 1];
 if (padding > crypter->get_block_size(crypter))
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
index 8b26bad3ac43..795d979fd49b 100644
--- a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
@@ -182,9 +182,17 @@ static bool decrypt(private_key_t *private, chunk_t key, chunk_t iv, int oid,
 */
 static bool remove_padding(private_pkcs7_enveloped_data_t *this)
 {
- u_char *pos = this->content.ptr + this->content.len - 1;
- u_char pattern = *pos;
- size_t padding = pattern;
+ u_char *pos, pattern;
+ size_t padding;
+
+ if (!this->content.len)
+ {
+ return FALSE;
+ }
+
+ pos = this->content.ptr + this->content.len - 1;
+ pattern = *pos;
+ padding = pattern;
 if (padding > this->content.len)
 {
--
2.43.0
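Review bot: The new guard in verify_padding rejects only an empty blob; in the lines visible here the padding byte is still compared with the cipher block size alone, so a value of zero, or one larger than `blob->len`, is not excluded at this point. The function continues outside the hunk, so the remainder may already cover both cases. If it does not, `if (!padding || padding > blob->len || padding > crypter->get_block_size(crypter))` would state the full precondition in one place before any further indexing from the end of the buffer. Rejecting a zero padding byte would be a behaviour change for existing inputs and should be confirmed against the callers.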
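Review bot: Neither this guard in remove_padding nor the matching one in verify_padding (pkcs5.c) comes with a regression test; the diffstat lists only the two source files. The commit message says the empty content is reachable from an IKEv1 CERT payload, so a unit test that feeds zero-length decrypted content to both paths and expects failure would keep the check from being lost in a later refactor. A one-line comment above the check, e.g. `/* decrypted content may be empty, so there is no padding byte to read */`, would also record why it is there. The body of remove_padding continues outside the hunk, so whether the other failure branches log a message (and this one should too) cannot be judged from here.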