From d5e081233e0f8b6b3b110ff3949627a45957ff6a Mon Sep 17 00:00:00 2001
From: "Victor M. Alvarez"
Date: Fri, 9 Feb 2024 11:00:48 +0100
Subject: [PATCH] Fix invalid pointer dereference in `extract_ms_counter_certs`

Closes https://github.com/avast/authenticode-parser/issues/19
---
 src/authenticode.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/authenticode.c b/src/authenticode.c
index e8a0d59..892bfda 100644
--- a/src/authenticode.c
+++ b/src/authenticode.c
@@ -197,6 +197,12 @@ static void extract_ms_counter_certs(const uint8_t* data, int len, CertificateAr
 if (!p7)
 return;

+ /* We expect SignedData type of PKCS7 */
+ if (!PKCS7_type_is_signed(p7) || !p7->d.sign) {
+ PKCS7_free(p7);
+ return;
+ }
+
 STACK_OF(X509)* certs = p7->d.sign->cert;
 CertificateArray* certArr = certificate_array_new(sk_X509_num(certs));
 if (!certArr) {
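Review bot: The new guard checks the content type and `p7->d.sign`, but not `p7->d.sign->cert`, which is read on the very next line. The certificate set is optional in SignedData, so `certs` can still be NULL for a well-typed blob. `sk_X509_num(NULL)` returns -1, and that negative count is passed straight to `certificate_array_new()`. How that helper treats a negative size is not visible in this hunk (the function body starts and ends outside it), so it is safer to bail out explicitly before the call: `if (!certs) { PKCS7_free(p7); return; }`. The data presumably comes from the file being parsed, so every optional field on this path should be treated as attacker-controlled; a short comment to that effect next to the existing `/* We expect SignedData type of PKCS7 */` would help the next reader.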