From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 14 Dec 2014 16:34:02 +0000 (+0100)
Subject: darwinssl: aprintf() to allocate the session key
X-Git-Tag: curl-7_40_0~148
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b13923f;p=thirdparty%2Fcurl.git

darwinssl: aprintf() to allocate the session key

... to avoid using a fixed memory size that risks being too large or too
small.
---

diff --git a/lib/vtls/curl_darwinssl.c b/lib/vtls/curl_darwinssl.c
index f0e196301c..b798acb892 100644
--- a/lib/vtls/curl_darwinssl.c
+++ b/lib/vtls/curl_darwinssl.c
@@ -1468,7 +1468,7 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
 
   /* Check if there's a cached ID we can/should use here! */
   if(!Curl_ssl_getsessionid(conn, (void **)&ssl_sessionid,
-    &ssl_sessionid_len)) {
+                            &ssl_sessionid_len)) {
     /* we got a session id, use it! */
     err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
     if(err != noErr) {
@@ -1482,10 +1482,9 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
      to starting the handshake. */
   else {
     CURLcode retcode;
-
-    ssl_sessionid = malloc(256*sizeof(char));
-    ssl_sessionid_len = snprintf(ssl_sessionid, 256, "curl:%s:%hu",
-      conn->host.name, conn->remote_port);
+    ssl_sessionid = aprintf(ssl_sessionid, "curl:%s:%hu",
+                            conn->host.name, conn->remote_port);
+    ssl_sessionid_len = strlen(ssl_sessionid);
     err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
     if(err != noErr) {
       failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err);