generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

vtls: Don't set cert info count until memory allocation is successful

Browse Source 
Otherwise Curl_ssl_init_certinfo() can fail and set the num_of_certs
member variable to the requested count, which could then be used
incorrectly as libcurl closes down.
This commit is contained in:
Steve Holme 2014-12-26 11:58:17 +00:00
parent fe43a662a2
commit cdc1cc22e7
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/vtls/vtls.c
View File

@ -593,12 +593,14 @@ void Curl_ssl_free_certinfo(struct SessionHandle *data)
{
int i;
struct curl_certinfo *ci = &data->info.certs;
if(ci->num_of_certs) {
/* free all individual lists used */
for(i=0; i<ci->num_of_certs; i++) {
curl_slist_free_all(ci->certinfo[i]);
ci->certinfo[i] = NULL;
}
free(ci->certinfo); /* free the actual array too */
ci->certinfo = NULL;
ci->num_of_certs = 0;
@ -610,13 +612,15 @@ CURLcode Curl_ssl_init_certinfo(struct SessionHandle *data, int num)
struct curl_certinfo *ci = &data->info.certs;
struct curl_slist **table;
/* Initialize the certificate information structures */
/* Free any previous certificate information structures */
Curl_ssl_free_certinfo(data);
ci->num_of_certs = num;
/* Allocate the required certificate information structures */
table = calloc((size_t) num, sizeof(struct curl_slist *));
if(!table)
return CURLE_OUT_OF_MEMORY;
ci->num_of_certs = num;
ci->certinfo = table;
return CURLE_OK;