aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2014-04-22 23:24:31 +0200
committerDaniel Stenberg <daniel@haxx.se>2014-04-22 23:24:31 +0200
commit386ed2d5904566cbc455a50ee7a57d70385e1f02 (patch)
tree7909122aa8ef10f98330af27c4cf45b2a31472c7
parent5b463e97fa5ceaf058a3197ab89e15fcb4dd9160 (diff)
gtls: fix NULL pointer dereference
gnutls_x509_crt_import() must not be called with a NULL certificate Bug: http://curl.haxx.se/mail/lib-2014-04/0145.html Reported-by: Damian Dixon
-rw-r--r--lib/vtls/gtls.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 2a9878715..d6849cebc 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -735,9 +735,10 @@ gtls_connect_step3(struct connectdata *conn,
/* initialize an X.509 certificate structure. */
gnutls_x509_crt_init(&x509_cert);
- /* convert the given DER or PEM encoded Certificate to the native
- gnutls_x509_crt_t format */
- gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER);
+ if(chainp)
+ /* convert the given DER or PEM encoded Certificate to the native
+ gnutls_x509_crt_t format */
+ gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER);
if(data->set.ssl.issuercert) {
gnutls_x509_crt_init(&x509_issuer);