diff options
| author | Tom Carroll <incentivedesign@gmail.com> | 2021-01-10 21:31:19 -0800 |
|---|---|---|
| committer | Tom Carroll <incentivedesign@gmail.com> | 2021-01-10 21:45:08 -0800 |
| commit | 3bbdd12c69e087c55e715dd55670d98f4cc141cb (patch) | |
| tree | 3aa6a6c6838189e7ea0977a0812ae6087a6053a5 | |
| parent | 384ac9f67cd4f3241b69ce4d47bf9b70b9f7d5cb (diff) | |
| download | gnutls-3bbdd12c69e087c55e715dd55670d98f4cc141cb.tar.gz | |
Verify that cert_list != NULL and cert_list_size > 0.
gnutls_certificate_set_x509_key() assumes that cert_list != NULL and
cert_list_size > 0. These assumptions are evident as cert_list_size is
used for malloc and cert_list[0] is accessed. Make those assumptions
explicit with argument condition check.
Signed-off-by: Tom Carroll <incentivedesign@gmail.com>
| -rw-r--r-- | lib/cert-cred-x509.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/cert-cred-x509.c b/lib/cert-cred-x509.c index 04aa3169b6..03d20b1e6f 100644 --- a/lib/cert-cred-x509.c +++ b/lib/cert-cred-x509.c @@ -743,6 +743,9 @@ gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res, gnutls_pcert_st *pcerts = NULL; gnutls_str_array_t names; + if (cert_list == NULL || cert_list_size < 1) + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + _gnutls_str_array_init(&names); /* this should be first |