diff options
| author | Tom Vrancken <dev@tomvrancken.nl> | 2018-05-22 12:35:31 +0200 |
|---|---|---|
| committer | Tom Vrancken <dev@tomvrancken.nl> | 2018-10-18 21:39:48 +0200 |
| commit | 39065f544a23fd37dbb4e2334a533e5d4724b689 (patch) | |
| tree | be978ac2de141aced0130fd7b97cccdc439c5459 | |
| parent | 2ece875e45cd790403b930d492a6e3f509209d1b (diff) | |
| download | gnutls-39065f544a23fd37dbb4e2334a533e5d4724b689.tar.gz | |
Added NULL pointer check in gnutls_certificate_free_credentials for safety.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
| -rw-r--r-- | lib/cert-cred.c | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/lib/cert-cred.c b/lib/cert-cred.c index 2150e903f2..fc24c75ec4 100644 --- a/lib/cert-cred.c +++ b/lib/cert-cred.c @@ -106,7 +106,7 @@ void gnutls_certificate_free_cas(gnutls_certificate_credentials_t sc) * * As with gnutls_x509_trust_list_get_issuer() this function requires * the %GNUTLS_TL_GET_COPY flag in order to operate with PKCS#11 trust - * lists in a thread-safe way. + * lists in a thread-safe way. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. @@ -171,7 +171,7 @@ gnutls_certificate_get_crt_raw(gnutls_certificate_credentials_t sc, * credentials. Clients may call this to save some memory since in * client side the CA names are not used. Servers might want to use * this function if a large list of trusted CAs is present and - * sending the names of it would just consume bandwidth without providing + * sending the names of it would just consume bandwidth without providing * information to client. * * CA names are used by servers to advertise the CAs they support to @@ -196,15 +196,18 @@ void gnutls_certificate_free_ca_names(gnutls_certificate_credentials_t sc) void gnutls_certificate_free_credentials(gnutls_certificate_credentials_t sc) { - gnutls_x509_trust_list_deinit(sc->tlist, 1); - gnutls_certificate_free_keys(sc); - memset(sc->pin_tmp, 0, sizeof(sc->pin_tmp)); + // Check for valid pointer and otherwise do nothing + if (sc != NULL) { + gnutls_x509_trust_list_deinit(sc->tlist, 1); + gnutls_certificate_free_keys(sc); + memset(sc->pin_tmp, 0, sizeof(sc->pin_tmp)); + + if (sc->deinit_dh_params) { + gnutls_dh_params_deinit(sc->dh_params); + } - if (sc->deinit_dh_params) { - gnutls_dh_params_deinit(sc->dh_params); + gnutls_free(sc); } - - gnutls_free(sc); } @@ -585,7 +588,7 @@ static int call_legacy_cert_cb2(gnutls_session_t session, **/ void gnutls_certificate_set_retrieve_function2 (gnutls_certificate_credentials_t cred, - gnutls_certificate_retrieve_function2 * func) + gnutls_certificate_retrieve_function2 * func) { cred->legacy_cert_cb2 = func; if (!func) @@ -641,7 +644,7 @@ void gnutls_certificate_set_retrieve_function2 **/ void gnutls_certificate_set_retrieve_function3 (gnutls_certificate_credentials_t cred, - gnutls_certificate_retrieve_function3 *func) + gnutls_certificate_retrieve_function3 *func) { cred->get_cert_callback3 = func; } |