diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-05-03 14:24:08 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-05-03 15:45:27 +0200 |
commit | 7d2aab3b46abf8743a2c0f7b3534e864b47aee7a (patch) | |
tree | 82d7f2050c3b5136d01ce6ffc2819e4556a47f57 /lib | |
parent | c09b0c354933e10a60c251aa282055568563d44a (diff) | |
download | gnutls-7d2aab3b46abf8743a2c0f7b3534e864b47aee7a.tar.gz |
gnutls_certificate_set_key: duplicate the provided memory
That is, do not assume that a heap allocated value is provided.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gnutls_x509.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index f7cfdca1f6..bac4f7b6bf 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -1166,7 +1166,7 @@ gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res, * entity certificate (e.g., also an intermediate CA cert) then put * the certificate chain in @pcert_list. * - * Note that the @pcert_list and @key will become part of the credentials + * Note that the @key and the elements of @pcert_list will become part of the credentials * structure and must not be deallocated. They will be automatically deallocated * when the @res structure is deinitialized. * @@ -1186,6 +1186,7 @@ gnutls_certificate_set_key(gnutls_certificate_credentials_t res, { int ret, i; gnutls_str_array_t str_names; + gnutls_pcert_st *new_pcert_list; _gnutls_str_array_init(&str_names); @@ -1211,12 +1212,20 @@ gnutls_certificate_set_key(gnutls_certificate_credentials_t res, goto cleanup; } + new_pcert_list = gnutls_malloc(sizeof(gnutls_pcert_st) * pcert_list_size); + if (new_pcert_list == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + memcpy(new_pcert_list, pcert_list, sizeof(gnutls_pcert_st) * pcert_list_size); + ret = certificate_credential_append_crt_list(res, str_names, - pcert_list, + new_pcert_list, pcert_list_size); if (ret < 0) { gnutls_assert(); + gnutls_free(new_pcert_list); goto cleanup; } |