Add some sanity checks in vgauth/common/certverify.c

Add some sanity checks in cert chain verify callback.

diff --git a/open-vm-tools/vgauth/common/certverify.c b/open-vm-tools/vgauth/common/certverify.c
index 14ff11a7a9e24ab76ebc0a1d3c04542384f85803..c2c3a16a2973b6e629b41607d426564add3f56aa 100644 (file)
--- a/open-vm-tools/vgauth/common/certverify.c
+++ b/open-vm-tools/vgauth/common/certverify.c
@@ -1,5 +1,5 @@
 /*********************************************************
- * Copyright (C) 2011-2016 VMware, Inc. All rights reserved.
+ * Copyright (C) 2011-2016,2018 VMware, Inc. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU Lesser General Public License as published
@@ -142,8 +142,12 @@ VerifyCallback(int ok,
     * This is a legacy function that has some issues, but setting up a bio
     * just for a bit of debug seems overkill.
     */
-   X509_NAME_oneline(X509_get_subject_name(curCert), nameBuf, sizeof(nameBuf) - 1);
-   nameBuf[sizeof(nameBuf)-1] = '\0';
+   if (NULL != curCert) {
+      X509_NAME_oneline(X509_get_subject_name(curCert), nameBuf, sizeof(nameBuf) - 1);
+      nameBuf[sizeof(nameBuf)-1] = '\0';
+   } else {
+      g_strlcpy(nameBuf, "<NO CERT SUBJECT>", sizeof nameBuf);
+   }
    g_debug("%s: name: %s ok: %d error %d at %d depth lookup:%s\n",
            __FUNCTION__,
            nameBuf,