* Fix crash when a CA certificate failed to load, by protecting some calls

when s_cert_store is NULL, and also only freeing s_cert_store when all certificates in the .alpine-smime/ca directory fail to load.
author: Eduardo Chappa <chappa@washington.edu> 2017-07-14 08:30:59 -0600
committer: Eduardo Chappa <chappa@washington.edu> 2017-07-14 08:30:59 -0600
commit: bc3f61e54599136fb264cf4074abb685b866eb85 (patch)
tree: 02d61412d65f5f3d51c82877ef0c4a6fcde02927 /pith/smkeys.c
parent: 65dea5ff595b089c5d46131381f01d84b7dfd79a (diff)
download: alpine-bc3f61e54599136fb264cf4074abb685b866eb85.tar.xz
1 files changed, 5 insertions, 2 deletions
diff --git a/pith/smkeys.c b/pith/smkeys.c
index 46501d08..d899f4f8 100644
--- a/pith/smkeys.c
+++ b/pith/smkeys.c
@@ -673,16 +673,17 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata)
     struct direct *d;
     DIR	*dirp;
     CertList *cert, *cl;
-    int  ret = 0;
+    int  ret = 0, nfiles = 0, nerr = 0;
 
     if((dirp = opendir(path)) != NULL){
         while(!ret && (d=readdir(dirp)) != NULL){
             if(srchrstr(d->d_name, ext)){
+		nfiles++;
     	    	build_path(buf, path, d->d_name, sizeof(buf));
 
     	    	if(!X509_LOOKUP_load_file(lookup, buf, X509_FILETYPE_PEM)){
 		    q_status_message1(SM_ORDER, 3, 3, _("Error loading file %s"), buf);
-		    ret = -1;
+		    nerr++;
 		} else {
 		  if(cdata){
 		     BIO *in;
@@ -719,6 +720,8 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata)
         closedir(dirp);
     }
 
+    /* if all certificates fail to load */
+    if(nerr == nfiles) ret = -1;
     return ret;
 }
author	Eduardo Chappa <chappa@washington.edu>	2017-07-14 08:30:59 -0600
committer	Eduardo Chappa <chappa@washington.edu>	2017-07-14 08:30:59 -0600
commit	bc3f61e54599136fb264cf4074abb685b866eb85 (patch)
tree	02d61412d65f5f3d51c82877ef0c4a6fcde02927 /pith/smkeys.c
parent	65dea5ff595b089c5d46131381f01d84b7dfd79a (diff)
download	alpine-bc3f61e54599136fb264cf4074abb685b866eb85.tar.xz