Verify that cert_list != NULL and cert_list_size > 0.

gnutls_certificate_set_x509_key() assumes that cert_list != NULL and
cert_list_size > 0.  These assumptions are evident as cert_list_size is
used for malloc and cert_list[0] is accessed. Make those assumptions
explicit with argument condition check.

Signed-off-by: Tom Carroll <incentivedesign@gmail.com>

diff --git a/lib/cert-cred-x509.c b/lib/cert-cred-x509.c
index 04aa3169b6e20eacf392b45cd062fd5ed3817b88..03d20b1e6ff7a6c001bbea7cf07362339b482776 100644 (file)
--- a/lib/cert-cred-x509.c
+++ b/lib/cert-cred-x509.c
@@ -743,6 +743,9 @@ gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res,
        gnutls_pcert_st *pcerts = NULL;
        gnutls_str_array_t names;
 
+       if (cert_list == NULL || cert_list_size < 1)
+               return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
        _gnutls_str_array_init(&names);
 
        /* this should be first