wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for possible NULL buffer use if certChain not loaded and OCSP cert request called.

Browse Source
This commit is contained in:
David Garske
2020-09-16 12:45:25 -07:00
parent eb466668ce
commit b4c964f729
1 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/internal.c
View File

@ -17465,6 +17465,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
#else #else
DecodedCert cert[1]; DecodedCert cert[1];
#endif #endif
DerBuffer* chain;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), ssl->heap, cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), ssl->heap,
@ -17481,14 +17482,20 @@ int SendCertificateStatus(WOLFSSL* ssl)
return MEMORY_E; return MEMORY_E;
} }
while (idx + OPAQUE24_LEN < ssl->buffers.certChain->length) { /* use certChain if available, otherwise use peer certificate */
c24to32(ssl->buffers.certChain->buffer + idx, &der.length); chain = ssl->buffers.certChain;
if (chain == NULL) {
chain = ssl->buffers.certificate;
}
while (chain && idx + OPAQUE24_LEN < chain->length) {
c24to32(chain->buffer + idx, &der.length);
idx += OPAQUE24_LEN; idx += OPAQUE24_LEN;
der.buffer = ssl->buffers.certChain->buffer + idx; der.buffer = chain->buffer + idx;
idx += der.length; idx += der.length;
if (idx > ssl->buffers.certChain->length) if (idx > chain->length)
break; break;
ret = CreateOcspRequest(ssl, request, cert, der.buffer, ret = CreateOcspRequest(ssl, request, cert, der.buffer,