darwinssl: handle long strings in TLS certs (follow-up)
- Fix handling certificate subjects that are already UTF-8 encoded.
Follow-up to b3b75d1
from two days ago. Since then a copy would be
skipped if the subject was already UTF-8, possibly resulting in a NULL
deref later on.
Ref: https://github.com/curl/curl/issues/1823
Ref: https://github.com/curl/curl/pull/1831
Closes https://github.com/curl/curl/pull/1836
This commit is contained in:
Родитель
410bf6b7b1
Коммит
aa2ea66cda
|
@ -910,11 +910,26 @@ static CURLcode CopyCertSubject(struct Curl_easy *data,
|
|||
{
|
||||
CFStringRef c = getsubject(cert);
|
||||
CURLcode result = CURLE_OK;
|
||||
const char *direct;
|
||||
char *cbuf = NULL;
|
||||
*certp = NULL;
|
||||
|
||||
/* If subject is not UTF-8 then check if it can be converted */
|
||||
if(!CFStringGetCStringPtr(c, kCFStringEncodingUTF8)) {
|
||||
if(!c) {
|
||||
failf(data, "SSL: invalid CA certificate subject");
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
/* If the subject is already available as UTF-8 encoded (ie 'direct') then
|
||||
use that, else convert it. */
|
||||
direct = CFStringGetCStringPtr(c, kCFStringEncodingUTF8);
|
||||
if(direct) {
|
||||
*certp = strdup(direct);
|
||||
if(!*certp) {
|
||||
failf(data, "SSL: out of memory");
|
||||
result = CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
}
|
||||
else {
|
||||
size_t cbuf_size = ((size_t)CFStringGetLength(c) * 4) + 1;
|
||||
cbuf = calloc(cbuf_size, 1);
|
||||
if(cbuf) {
|
||||
|
|
Загрузка…
Ссылка в новой задаче