darwinssl: fix potential crash when attempting to copy an identity

from a P12 file This could've happened if SecPKCS12Import() returned noErr _and_ no identity.
2024-12-21 23:58:49 -05:00 · 2014-05-14 17:48:14 -05:00 · 2014-05-14 17:48:14 -05:00 · 69cdc95932
commit 69cdc95932
parent 4167498f74
1 changed files with 4 additions and 2 deletions
--- a/lib/vtls/curl_darwinssl.c
+++ b/lib/vtls/curl_darwinssl.c
@ -952,7 +952,7 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath,

    /* Here we go: */
    status = SecPKCS12Import(pkcs_data, options, &items);
-    if(status == noErr) {
+    if(status == noErr && items && CFArrayGetCount(items)) {
      CFDictionaryRef identity_and_trust = CFArrayGetValueAtIndex(items, 0L);
      const void *temp_identity = CFDictionaryGetValue(identity_and_trust,
        kSecImportItemIdentity);
@ -960,8 +960,10 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath,
      /* Retain the identity; we don't care about any other data... */
      CFRetain(temp_identity);
      *out_cert_and_key = (SecIdentityRef)temp_identity;
-      CFRelease(items);
    }
+
+    if(items)
+      CFRelease(items);
    CFRelease(options);
    CFRelease(pkcs_data);
  }