ssl_server2: handle mbedtls_x509_dn_gets failure

If mbedtls_x509_dn_gets fails, the server could end up calling printf
on an uninitialized buffer. Check if the function succeeds. Found by
Coverity.
Gilles Peskine 2018-06-15 14:05:10 +02:00
parent ace05929e8
commit d5d983e168


@ -962,8 +962,9 @@ static int ssl_async_start( mbedtls_ssl_context *ssl,
{
char dn[100];
mbedtls_x509_dn_gets( dn, sizeof( dn ), &cert->subject );
mbedtls_printf( "Async %s callback: looking for DN=%s\n", op_name, dn );
if( mbedtls_x509_dn_gets( dn, sizeof( dn ), &cert->subject ) > 0 )
mbedtls_printf( "Async %s callback: looking for DN=%s\n",
op_name, dn );
}
/* Look for a private key that matches the public key in cert.
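Review bot: When mbedtls_x509_dn_gets() fails, the new `if` drops the trace line entirely, so the log gives no sign that the callback ran for this certificate or that the DN could not be formatted (presumably this includes a subject that does not fit in the 100-byte `dn`). An `else` branch such as `else mbedtls_printf( "Async %s callback: subject DN unavailable\n", op_name );` would keep the trace without reading the uninitialized buffer. The unbraced `if` with a body wrapped over two lines is also easy to misread, and braces would make the guard explicit. ssl_async_start begins and ends outside this hunk.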