summaryrefslogtreecommitdiff
path: root/lib/x509/name_constraints.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/x509/name_constraints.c')
-rw-r--r--lib/x509/name_constraints.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/x509/name_constraints.c b/lib/x509/name_constraints.c
index 7ae45c003d..38805b6fe0 100644
--- a/lib/x509/name_constraints.c
+++ b/lib/x509/name_constraints.c
@@ -774,11 +774,12 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
{
// presume empty intersection
name_constraints_node_st *intersection = NULL;
- *_intersection = NULL;
name_constraints_node_st *to_copy = NULL;
unsigned iplength = 0;
unsigned byte;
+ *_intersection = NULL;
+
if (nc1->type != nc2->type) {
return GNUTLS_E_SUCCESS;
}
@@ -812,12 +813,16 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
// for other types, we don't know how to do the intersection, assume empty
return GNUTLS_E_SUCCESS;
}
+
// copy existing node if applicable
if (to_copy != NULL) {
*_intersection = name_constraints_node_new(to_copy->type, to_copy->name.data, to_copy->name.size);
if (*_intersection == NULL)
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
intersection = *_intersection;
+
+ assert(intersection->name.data != NULL);
+
if (intersection->type == GNUTLS_SAN_IPADDRESS) {
// make sure both IP addresses are correctly masked
_gnutls_mask_ip(intersection->name.data, intersection->name.data+iplength, iplength);
@@ -828,6 +833,7 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
}
}
}
+
return GNUTLS_E_SUCCESS;
}
View Lorry Controller Status