]> git.ipfire.org Git - thirdparty/ipxe.git/commit
projects / thirdparty / ipxe.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a289b4b) | patch
[x509] Ensure certificate remains valid during x509_append()
authorMichael Brown <mcb30@ipxe.org>
Mon, 31 Mar 2025 16:44:59 +0000 (17:44 +0100)
committerMichael Brown <mcb30@ipxe.org>
Mon, 31 Mar 2025 17:05:11 +0000 (18:05 +0100)
commit0a48bb32145ce14b11d5d1e2a537d3d567489385
treec40acc641986801e9b1725879ef0fb0b561f71a1tree
parenta289b4b8c2eb06d013a48088e25e11a3390006cacommit | diff
[x509] Ensure certificate remains valid during x509_append()

The allocation of memory for the certificate chain link may cause the
certificate itself to be freed by the cache discarder, if the only
current reference to the certificate is held by the certificate store
and the system runs out of memory during the call to malloc().

Ensure that this cannot happen by taking out a temporary additional
reference to the certificate within x509_append(), rather than
requiring the caller to do so.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
src/crypto/x509.c diff | blob | blame | history
src/net/tls.c diff | blob | blame | history
Mirror of https://github.com/ipxe/ipxe.git