Diffstat (limited to 'lib/ext_cert_type.c')
-rw-r--r-- | lib/ext_cert_type.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/lib/ext_cert_type.c b/lib/ext_cert_type.c index 9966c6ed22..5bf5621419 100644 --- a/lib/ext_cert_type.c +++ b/lib/ext_cert_type.c @@ -102,7 +102,7 @@ int _gnutls_cert_type_recv_params( GNUTLS_STATE state, const opaque* data, int d /* returns data_size or a negative number on failure * data is allocated localy */ -int _gnutls_cert_type_send_params( GNUTLS_STATE state, opaque** data) { +int _gnutls_cert_type_send_params( GNUTLS_STATE state, opaque* data, int data_size) { uint16 len, i; /* this function sends the client extension data (dnsname) */ @@ -118,15 +118,16 @@ int _gnutls_cert_type_send_params( GNUTLS_STATE state, opaque** data) { /* We don't use this extension if X.509 certificates * are used. */ - *data=NULL; return 0; } - (*data) = gnutls_malloc(len); - if (*data==NULL) return GNUTLS_E_MEMORY_ERROR; - + if (data_size < len) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + for (i=0;i<len;i++) { - (*data)[i] = _gnutls_cert_type2num( state->gnutls_internals. + data[i] = _gnutls_cert_type2num( state->gnutls_internals. cert_type_priority.algorithm_priority[i]); } return len; @@ -136,17 +137,18 @@ int _gnutls_cert_type_send_params( GNUTLS_STATE state, opaque** data) { if ( state->security_parameters.cert_type != DEFAULT_CERT_TYPE) { len = 1; - (*data) = gnutls_malloc(len); - if (*data==NULL) return GNUTLS_E_MEMORY_ERROR; + if (data_size < len) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } - (*data)[0] = _gnutls_cert_type2num( state->security_parameters.cert_type); + data[0] = _gnutls_cert_type2num( state->security_parameters.cert_type); return len; } } - *data = NULL; return 0; } |
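Review bot: The comment above `_gnutls_cert_type_send_params` in the first hunk still says `data is allocated localy`, which is no longer true once the signature becomes `opaque* data, int data_size`: the caller now owns the buffer and the function only writes into it. I would replace it with `/* writes at most data_size bytes into the caller-supplied data; returns the number of bytes written, 0 if the extension is not sent, or a negative error code */`, so that the ownership and the meaning of the return value are stated where callers look. The context comment that mentions `(dnsname)` also reads as if it was copied from another extension and could be corrected in the same pass. The body of the function continues outside this hunk.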
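Review bot: The bounds check `if (data_size < len)` is written out twice, in the second hunk before the loop that fills `data[i]` and again in the third hunk before `data[0]` is stored, and both copies compare a signed `int` with a `uint16`. Assuming `uint16` is a 16-bit unsigned typedef, `len` is promoted to `int` and a negative `data_size` is rejected as intended, but nothing in the code says so, and a later change of either type to a wider unsigned one would turn this into an unsigned comparison that lets a negative size through. A one-line comment above each check, such as `/* data_size is signed: a negative size fails this test as well */`, would record the assumption. In the second hunk `len` is assigned outside the visible lines, so its upper bound cannot be confirmed from here.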