Ensure ca_list != NULL and ca_list_size > 0.

As ca_list_size is used in malloc, ensure that ca_list_size > 0. If ca_list_size > 0, then ca_list cannot be NULL. Make these assumptions explicit with argument condition check. Signed-off-by: Tom Carroll <incentivedesign@gmail.com>
author: Tom Carroll <incentivedesign@gmail.com> 2021-01-10 21:40:52 -0800
committer: Tom Carroll <incentivedesign@gmail.com> 2021-01-10 21:47:22 -0800
commit: 1371d9c9da7d1995793e7dab769f49cbff3873fe (patch)
tree: b5c1f66f94842c5f6ebfcdeaf854414a31e8faf6
parent: 3bbdd12c69e087c55e715dd55670d98f4cc141cb (diff)
download: gnutls-1371d9c9da7d1995793e7dab769f49cbff3873fe.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/cert-cred-x509.c b/lib/cert-cred-x509.c
index 03d20b1e6f..2d991ad6a5 100644
--- a/lib/cert-cred-x509.c
+++ b/lib/cert-cred-x509.c
@@ -1142,8 +1142,12 @@ gnutls_certificate_set_x509_trust(gnutls_certificate_credentials_t res,
 				  int ca_list_size)
 {
 	int ret, i, j;
-	gnutls_x509_crt_t *new_list = gnutls_malloc(ca_list_size * sizeof(gnutls_x509_crt_t));
+	gnutls_x509_crt_t *new_list;
 
+	if (ca_list == NULL || ca_list_size < 1)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	new_list = gnutls_malloc(ca_list_size * sizeof(gnutls_x509_crt_t));
 	if (!new_list)
 		return GNUTLS_E_MEMORY_ERROR;
author	Tom Carroll <incentivedesign@gmail.com>	2021-01-10 21:40:52 -0800
committer	Tom Carroll <incentivedesign@gmail.com>	2021-01-10 21:47:22 -0800
commit	1371d9c9da7d1995793e7dab769f49cbff3873fe (patch)
tree	b5c1f66f94842c5f6ebfcdeaf854414a31e8faf6
parent	3bbdd12c69e087c55e715dd55670d98f4cc141cb (diff)
download	gnutls-1371d9c9da7d1995793e7dab769f49cbff3873fe.tar.gz