diff options
author | Eduardo Chappa <chappa@washington.edu> | 2017-07-14 08:30:59 -0600 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2017-07-14 08:30:59 -0600 |
commit | bc3f61e54599136fb264cf4074abb685b866eb85 (patch) | |
tree | 02d61412d65f5f3d51c82877ef0c4a6fcde02927 /pith/smime.c | |
parent | 65dea5ff595b089c5d46131381f01d84b7dfd79a (diff) | |
download | alpine-bc3f61e54599136fb264cf4074abb685b866eb85.tar.xz |
* Fix crash when a CA certificate failed to load, by protecting some calls
when s_cert_store is NULL, and also only freeing s_cert_store when all
certificates in the .alpine-smime/ca directory fail to load.
Diffstat (limited to 'pith/smime.c')
-rw-r--r-- | pith/smime.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/pith/smime.c b/pith/smime.c index 1878988f..50c0dcc1 100644 --- a/pith/smime.c +++ b/pith/smime.c @@ -643,7 +643,7 @@ import_certificate(WhichCerts ctype, PERSONAL_CERT *p_cert, char *fname) } else { char *s; strncpy(full_filename, fname, sizeof(full_filename)); - if((s = strrchr(full_filename, '/')) != '\0') + if((s = strrchr(full_filename, '/')) != NULL) strncpy(filename, s+1, sizeof(filename)); } @@ -1295,7 +1295,7 @@ int smime_validate_cert(X509 *cert, long *error) ERR_clear_error(); *error = 0; - if((csc = X509_STORE_CTX_new()) != NULL){ + if((s_cert_store != NULL) && (csc = X509_STORE_CTX_new()) != NULL){ X509_STORE_set_flags(s_cert_store, 0); if(X509_STORE_CTX_init(csc,s_cert_store,cert,NULL) && X509_verify_cert(csc) <= 0) @@ -3605,7 +3605,7 @@ get_chain_for_cert(X509 *cert, int *error, int *level) *level = -1; *error = 0; ERR_clear_error(); - if((ctx = X509_STORE_CTX_new()) != NULL){ + if((s_cert_store != NULL) && (ctx = X509_STORE_CTX_new()) != NULL){ X509_STORE_set_flags(s_cert_store, 0); if(!X509_STORE_CTX_init(ctx, s_cert_store, cert, NULL)) *error = X509_STORE_CTX_get_error(ctx); |