feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

When loading a named key, check that the save buffer mallocs. It calls a library function that checks the pointer, but an application of the library shouldn't depend on side effects. This fixes #300.

Browse Source
This commit is contained in:
John Safranek
2016-02-09 15:17:05 -08:00
parent 62a2efdacc
commit ccffee1617
1 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/sniffer.c
View File

@ -1041,9 +1041,7 @@ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
const char* password) const char* password)
{ {
byte* loadBuf; byte* loadBuf;
byte* saveBuf;
long fileSz = 0; long fileSz = 0;
int saveBufSz;
XFILE file; XFILE file;
int ret; int ret;
@ -1067,10 +1065,21 @@ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
XFCLOSE(file); XFCLOSE(file);
if (typeKey == SSL_FILETYPE_PEM) { if (typeKey == SSL_FILETYPE_PEM) {
saveBuf = (byte*)malloc(fileSz); byte* saveBuf = (byte*)malloc(fileSz);
int saveBufSz = 0;
saveBufSz = wolfSSL_KeyPemToDer(loadBuf, (int)fileSz, ret = -1;
if (saveBuf != NULL) {
saveBufSz = wolfSSL_KeyPemToDer(loadBuf, (int)fileSz,
saveBuf, (int)fileSz, password); saveBuf, (int)fileSz, password);
if (saveBufSz < 0) {
saveBufSz = 0;
free(saveBuf);
}
else
ret = 0;
}
free(loadBuf); free(loadBuf);
*keyBuf = saveBuf; *keyBuf = saveBuf;
@ -1081,7 +1090,6 @@ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
*keyBufSz = (word32)fileSz; *keyBufSz = (word32)fileSz;
} }
if (ret < 0) { if (ret < 0) {
return -1; return -1;
} }