vtls: avoid NULL deref on bad PEM input

author Daniel Stenberg <daniel@haxx.se>

Wed, 7 May 2025 14:09:55 +0000 (16:09 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Wed, 7 May 2025 15:08:06 +0000 (17:08 +0200)
author Daniel Stenberg <daniel@haxx.se>
Wed, 7 May 2025 14:09:55 +0000 (16:09 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Wed, 7 May 2025 15:08:06 +0000 (17:08 +0200)
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c

index fa2b0fe92b5799ff970a08202fbcaa82f303d6a0..3b335e28718c8d8eacd71bb9da2100cd3ab44000 100644 (file)
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -698,9 +698,12 @@ static CURLcode pubkey_pem_to_der(const char *pem,
      ++pem_count;
    }
  
-  result = curlx_base64_decode(curlx_dyn_ptr(&pbuf), der, der_len);
-
-  curlx_dyn_free(&pbuf);
+  if(curlx_dyn_len(&pbuf)) {
+    result = curlx_base64_decode(curlx_dyn_ptr(&pbuf), der, der_len);
+    curlx_dyn_free(&pbuf);
+  }
+  else
+    result = CURLE_BAD_CONTENT_ENCODING;
  
    return result;
  }
author	Daniel Stenberg <daniel@haxx.se>
	Wed, 7 May 2025 14:09:55 +0000 (16:09 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Wed, 7 May 2025 15:08:06 +0000 (17:08 +0200)