generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

gtls: fix NULL pointer dereference

Browse Source 
gnutls_x509_crt_import() must not be called with a NULL certificate

Bug: http://curl.haxx.se/mail/lib-2014-04/0145.html
Reported-by: Damian Dixon
This commit is contained in:
Daniel Stenberg
2014-04-22 23:24:31 +02:00
parent 5b463e97fa
commit 386ed2d590
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/vtls/gtls.c
View File

@@ -735,6 +735,7 @@ gtls_connect_step3(struct connectdata *conn,
/* initialize an X.509 certificate structure. */ /* initialize an X.509 certificate structure. */
gnutls_x509_crt_init(&x509_cert); gnutls_x509_crt_init(&x509_cert);
if(chainp)
/* convert the given DER or PEM encoded Certificate to the native /* convert the given DER or PEM encoded Certificate to the native
gnutls_x509_crt_t format */ gnutls_x509_crt_t format */
gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER); gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER);