qulogic/pidgin

ssl-gnutls: Fix error handling of x509_import_from_datum
release-2.x.y
2016-06-07, dx
d6fc1ce76ffe
Parents 5e5e84e8a798
Children 6d984b02fa91
ssl-gnutls: Fix error handling of x509_import_from_datum
1 files changed, 12 insertions(+), 4 deletions(-)
  • +12 -4
    libpurple/plugins/ssl/ssl-gnutls.c
    • --- a/libpurple/plugins/ssl/ssl-gnutls.c Sun May 15 05:41:39 2016 -0300
    +++ b/libpurple/plugins/ssl/ssl-gnutls.c Tue Jun 07 04:22:59 2016 -0300
    @@ -608,7 +608,7 @@
    TODO: Is anyone complaining? (Maybe elb?) */
    /* only append if previous cert was actually signed by this one.
    * Thanks Microsoft. */
    - if ((prvcrt == NULL) || x509_certificate_signed_by(prvcrt, newcrt)) {
    + if ((newcrt != NULL) && ((prvcrt == NULL) || x509_certificate_signed_by(prvcrt, newcrt))) {
    peer_certs = g_list_append(peer_certs, newcrt);
    prvcrt = newcrt;
    } else {
    @@ -685,12 +685,18 @@
    /* Allocate and prepare the internal certificate data */
    certdat = g_new0(x509_crtdata_t, 1);
    - gnutls_x509_crt_init(&(certdat->crt));
    + if (gnutls_x509_crt_init(&(certdat->crt)) != 0) {
    + g_free(certdat);
    + return NULL;
    + }
    certdat->refcount = 0;
    /* Perform the actual certificate parse */
    /* Yes, certdat->crt should be passed as-is */
    - gnutls_x509_crt_import(certdat->crt, &dt, mode);
    + if (gnutls_x509_crt_import(certdat->crt, &dt, mode) != 0) {
    + g_free(certdat);
    + return NULL;
    + }
    /* Allocate the certificate and load it with data */
    crt = g_new0(PurpleCertificate, 1);
    @@ -780,7 +786,9 @@
    /* Perform the conversion; files should be in PEM format */
    crt = x509_import_from_datum(dt, GNUTLS_X509_FMT_PEM);
    - crts = g_slist_prepend(crts, crt);
    + if (crt != NULL) {
    + crts = g_slist_prepend(crts, crt);
    + }
    begin = end;
    }