]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
gnutls_x509_crt_get_extension_data: will return zero if data is NULL and memory buffe...
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 22 May 2014 11:35:22 +0000 (13:35 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 22 May 2014 11:36:39 +0000 (13:36 +0200)
lib/x509/x509.c

index f1f581a4e22b975e19dfd21610b978e07afd1450..0ceb46106ef10353673309879b1b45143bd79603 100644 (file)
@@ -2037,7 +2037,7 @@ gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert, int indx,
  * @cert: should contain a #gnutls_x509_crt_t structure
  * @indx: Specifies which extension OID to send. Use (0) to get the first one.
  * @data: a pointer to a structure to hold the data (may be null)
- * @sizeof_data: initially holds the size of @oid
+ * @sizeof_data: initially holds the size of @data
  *
  * This function will return the requested extension data in the
  * certificate.  The extension data will be stored in the
@@ -2072,9 +2072,14 @@ gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert, int indx,
        result = asn1_read_value(cert->cert, name, data, &len);
        *sizeof_data = len;
 
-       if (result == ASN1_ELEMENT_NOT_FOUND)
+       if (result == ASN1_ELEMENT_NOT_FOUND) {
                return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
-       else if (result != ASN1_SUCCESS) {
+       } else if (result == ASN1_MEM_ERROR && data == NULL) {
+               /* normally we should return GNUTLS_E_SHORT_MEMORY_BUFFER,
+                * but we haven't done that for long time, so use
+                * backwards compatible behavior */
+               return 0;
+       } else if (result != ASN1_SUCCESS) {
                gnutls_assert();
                return _gnutls_asn2err(result);
        }