From: Oliver Kurth Date: Fri, 26 Oct 2018 17:44:59 +0000 (-0700) Subject: Add some sanity checks in vgauth/common/certverify.c X-Git-Tag: stable-11.0.0~360 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7560aab8a6be1be166d0e37c08f46ba0196d0a16;p=thirdparty%2Fopen-vm-tools.git Add some sanity checks in vgauth/common/certverify.c Add some sanity checks in cert chain verify callback. --- diff --git a/open-vm-tools/vgauth/common/certverify.c b/open-vm-tools/vgauth/common/certverify.c index 14ff11a7a..c2c3a16a2 100644 --- a/open-vm-tools/vgauth/common/certverify.c +++ b/open-vm-tools/vgauth/common/certverify.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2016 VMware, Inc. All rights reserved. + * Copyright (C) 2011-2016,2018 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as published @@ -142,8 +142,12 @@ VerifyCallback(int ok, * This is a legacy function that has some issues, but setting up a bio * just for a bit of debug seems overkill. */ - X509_NAME_oneline(X509_get_subject_name(curCert), nameBuf, sizeof(nameBuf) - 1); - nameBuf[sizeof(nameBuf)-1] = '\0'; + if (NULL != curCert) { + X509_NAME_oneline(X509_get_subject_name(curCert), nameBuf, sizeof(nameBuf) - 1); + nameBuf[sizeof(nameBuf)-1] = '\0'; + } else { + g_strlcpy(nameBuf, "", sizeof nameBuf); + } g_debug("%s: name: %s ok: %d error %d at %d depth lookup:%s\n", __FUNCTION__, nameBuf,