* Fix crash when a CA certificate failed to load, by protecting some calls

     when s_cert_store is NULL, and also only freeing s_cert_store when all
     certificates in the .alpine-smime/ca directory fail to load.

3 files changed, 12 insertions, 6 deletions

diff --git a/pith/pine.hlp b/pith/pine.hlp
index 2f75dd38..2d436fdc 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
 reasonable place to be called from.
 Dummy change to get revision in pine.hlp
 ============= h_revision =================
-Alpine Commit 211 2017-05-04 22:18:31
+Alpine Commit 212 2017-07-14 08:25:45
 ============= h_news =================
 <HTML>
 <HEAD>
@@ -181,6 +181,9 @@ Bugs that have been addressed include:
 <UL>
    <LI> Crash when attempting to bounce a message due to lack of space in
         allocated space for key menu array. Reported by David Sewell.
+
+   <LI> Crash when a CA certificate failed to load, and user attempted to
+        view certificate information of other certificate authorities.
 </UL>
 
 <P>
diff --git a/pith/smime.c b/pith/smime.c
index 1878988f..50c0dcc1 100644
--- a/pith/smime.c
+++ b/pith/smime.c
@@ -643,7 +643,7 @@ import_certificate(WhichCerts ctype, PERSONAL_CERT *p_cert, char *fname)
    } else {
      char *s;
      strncpy(full_filename, fname, sizeof(full_filename));
-     if((s = strrchr(full_filename, '/')) != '\0')
+     if((s = strrchr(full_filename, '/')) != NULL)
        strncpy(filename, s+1, sizeof(filename));
    }
 
@@ -1295,7 +1295,7 @@ int smime_validate_cert(X509 *cert, long *error)
 
    ERR_clear_error();
    *error = 0;
-   if((csc = X509_STORE_CTX_new()) != NULL){
+   if((s_cert_store != NULL) && (csc = X509_STORE_CTX_new()) != NULL){
      X509_STORE_set_flags(s_cert_store, 0);
      if(X509_STORE_CTX_init(csc,s_cert_store,cert,NULL)
 	&& X509_verify_cert(csc) <= 0)
@@ -3605,7 +3605,7 @@ get_chain_for_cert(X509 *cert, int *error, int *level)
   *level = -1;
   *error = 0;
   ERR_clear_error();
-  if((ctx = X509_STORE_CTX_new()) != NULL){
+  if((s_cert_store != NULL) && (ctx = X509_STORE_CTX_new()) != NULL){
       X509_STORE_set_flags(s_cert_store, 0);
       if(!X509_STORE_CTX_init(ctx, s_cert_store, cert, NULL))
 	*error   = X509_STORE_CTX_get_error(ctx);
diff --git a/pith/smkeys.c b/pith/smkeys.c
index 46501d08..d899f4f8 100644
--- a/pith/smkeys.c
+++ b/pith/smkeys.c
@@ -673,16 +673,17 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata)
     struct direct *d;
     DIR	*dirp;
     CertList *cert, *cl;
-    int  ret = 0;
+    int  ret = 0, nfiles = 0, nerr = 0;
 
     if((dirp = opendir(path)) != NULL){
         while(!ret && (d=readdir(dirp)) != NULL){
             if(srchrstr(d->d_name, ext)){
+		nfiles++;
     	    	build_path(buf, path, d->d_name, sizeof(buf));
 
     	    	if(!X509_LOOKUP_load_file(lookup, buf, X509_FILETYPE_PEM)){
 		    q_status_message1(SM_ORDER, 3, 3, _("Error loading file %s"), buf);
-		    ret = -1;
+		    nerr++;
 		} else {
 		  if(cdata){
 		     BIO *in;
@@ -719,6 +720,8 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata)
         closedir(dirp);
     }
 
+    /* if all certificates fail to load */
+    if(nerr == nfiles) ret = -1;
     return ret;
 }