openssl: fix use of uninitialized buffer

Make sure that the error buffer is always initialized and simplify the use of it to make the logic easier. Bug: https://github.com/bagder/curl/issues/318 Reported-by: sneis
2015-06-18 14:20:31 +02:00 · 2015-06-18 14:20:31 +02:00 · 26ddc536b0
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@ -2137,10 +2137,9 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex)
    else {
      /* untreated error */
      unsigned long errdetail;
-      char error_buffer[256]; /* OpenSSL documents that this must be at least
-                                 256 bytes long. */
+      char error_buffer[256]=""; /* OpenSSL documents that this must be at
+                                    least 256 bytes long. */
      CURLcode result;
-      const char *cert_problem = NULL;
      long lerr;

      connssl->connecting_state = ssl_connect_2; /* the connection failed,
@ -2172,9 +2171,10 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex)
                   X509_verify_cert_error_string(lerr));
        }
        else
-          cert_problem = "SSL certificate problem, verify that the CA cert is"
-            " OK.";
-
+          /* strcpy() is fine here as long as the string fits within
+             error_buffer */
+          strcpy(error_buffer,
+                 "SSL certificate problem, check your CA cert");
        break;
      default:
        result = CURLE_SSL_CONNECT_ERROR;
@ -2195,7 +2195,7 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex)
      }

      /* Could be a CERT problem */
-      failf(data, "%s%s", cert_problem ? cert_problem : "", error_buffer);
+      failf(data, "%s", error_buffer);

      return result;
    }