author | Daniel Stenberg <daniel@haxx.se> | 2023-02-27 20:36:22 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2023-03-01 09:38:43 +0100 |
commit | c50a6eee0496b6af3cf363f54bda6cd6251f29fb (patch) | |
tree | ca497cd8847d7da05507e4de4d7370eb60f2568b | |
parent | 0b84d0cf1bf726189a4ecf3339735ac2f6b404f4 (diff) | |
download | curl-c50a6eee0496b6af3cf363f54bda6cd6251f29fb.tar.gz |
sectransp: make read_cert() use a dynbuf when loading
Closes #10632
-rw-r--r-- | lib/vtls/sectransp.c | 41 |
1 files changed, 15 insertions, 26 deletions
diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
index b84d88860..0e1b06187 100644
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@@ -2150,50 +2150,39 @@ static long pem_to_der(const char *in, unsigned char **out, size_t *outlen)
 return sep_end - in;
 }
+#define MAX_CERTS_SIZE (50*1024*1024) /* arbitrary - to catch mistakes */
+
 static int read_cert(const char *file, unsigned char **out, size_t *outlen)
 {
 int fd;
- ssize_t n, len = 0, cap = 512;
- unsigned char buf[512], *data;
+ ssize_t n;
+ unsigned char buf[512];
+ struct dynbuf certs;
+
+ Curl_dyn_init(&certs, MAX_CERTS_SIZE);
 fd = open(file, 0);
 if(fd < 0)
 return -1;
- data = malloc(cap);
- if(!data) {
- close(fd);
- return -1;
- }
-
 for(;;) {
 n = read(fd, buf, sizeof(buf));
+ if(!n)
+ break;
 if(n < 0) {
 close(fd);
- free(data);
+ Curl_dyn_free(&certs);
 return -1;
 }
- else if(n == 0) {
+ if(Curl_dyn_addn(&certs, buf, n)) {
 close(fd);
- break;
- }
-
- if(len + n >= cap) {
- cap *= 2;
- data = Curl_saferealloc(data, cap);
- if(!data) {
- close(fd);
- return -1;
- }
+ return -1;
 }
-
- memcpy(data + len, buf, n);
- len += n;
 }
- data[len] = '\0';
+ close(fd);
- *out = data;
- *outlen = len;
+ *out = Curl_dyn_uptr(&certs);
+ *outlen = Curl_dyn_len(&certs);
 return 0;
 }
|
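Review bot: An empty certificate file now appears to succeed with `*out` set to NULL. If the first `read()` returns 0, nothing has been appended to `certs`, so `Curl_dyn_uptr(&certs)` presumably returns the still-unallocated buffer pointer while `read_cert()` returns 0. The removed code always handed back an allocated, NUL-terminated buffer (`data[len] = '\0'`), and `pem_to_der()` in the hunk header takes its input as a `const char *` string, so a caller that passes the result straight into PEM parsing could dereference NULL. The callers are outside this hunk, so either confirm they tolerate a NULL buffer or reject the empty case after `close(fd);` with `if(!Curl_dyn_len(&certs)) return -1;`. Separately, hitting `MAX_CERTS_SIZE` returns the same bare `-1` as an I/O error, so a comment on the `Curl_dyn_addn()` branch noting that it covers both out-of-memory and the 50 MB cap would help whoever debugs an oversized CA bundle.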