Fix invalid pointer dereference in `extract_ms_counter_certs`

avast / authenticode-parser

Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.

MIT License

16 stars 8 forks source link

Fix invalid pointer dereference in `extract_ms_counter_certs` #20

Closed plusvic closed 9 months ago

plusvic commented 9 months ago

I'm not quite sure if this fix is correct. It certainly prevents the SIGSEGV with file e9b3cadbd8fdb7a26a7130e7b40d4a99632fa6f767b0339385e5786d66015cfb, but I don't know if it is logically correct.

Closes #19

HoundThe commented 9 months ago

Thanks for the PR, however I think this problem struck into a thing that needs slight bigger modification. As now MS counter signature can be both PKCS7 and CMS with the latest changes. I will look into it, I need to recollect why the code is written this way :D

HoundThe commented 9 months ago

I've created PR https://github.com/avast/authenticode-parser/pull/21 that supersedes this fix. Closing this PR