moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 16:18:48 -05:00
Code Issues Releases Wiki Activity

darwinssl: fix potential crash when attempting to copy an identity

Browse Source 
from a P12 file

This could've happened if SecPKCS12Import() returned noErr _and_ no
identity.
This commit is contained in:
Nick Zitzmann 2014-05-14 17:48:14 -05:00
parent 4167498f74
commit 69cdc95932
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/vtls/curl_darwinssl.c
View File

@ -952,7 +952,7 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath,
/* Here we go: */ /* Here we go: */
status = SecPKCS12Import(pkcs_data, options, &items); status = SecPKCS12Import(pkcs_data, options, &items);
if(status == noErr) { if(status == noErr && items && CFArrayGetCount(items)) {
CFDictionaryRef identity_and_trust = CFArrayGetValueAtIndex(items, 0L); CFDictionaryRef identity_and_trust = CFArrayGetValueAtIndex(items, 0L);
const void *temp_identity = CFDictionaryGetValue(identity_and_trust, const void *temp_identity = CFDictionaryGetValue(identity_and_trust,
kSecImportItemIdentity); kSecImportItemIdentity);
@ -960,8 +960,10 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath,
/* Retain the identity; we don't care about any other data... */ /* Retain the identity; we don't care about any other data... */
CFRetain(temp_identity); CFRetain(temp_identity);
*out_cert_and_key = (SecIdentityRef)temp_identity; *out_cert_and_key = (SecIdentityRef)temp_identity;
CFRelease(items);
} }
if(items)
CFRelease(items);
CFRelease(options); CFRelease(options);
CFRelease(pkcs_data); CFRelease(pkcs_data);
} }