aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
authorNick Zitzmann <nickzman@gmail.com>2014-05-14 17:48:14 -0500
committerNick Zitzmann <nickzman@gmail.com>2014-05-14 17:48:14 -0500
commit69cdc95932f5f1dad774f5692037e4a0fdb311cd (patch)
tree69bd13a4378b90dd2934cdb899fe06d47032826f /lib/vtls
parent4167498f7470445d136486bebe0482904772afc4 (diff)
darwinssl: fix potential crash when attempting to copy an identity
from a P12 file This could've happened if SecPKCS12Import() returned noErr _and_ no identity.
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/curl_darwinssl.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/vtls/curl_darwinssl.c b/lib/vtls/curl_darwinssl.c
index 3a9da91cc..3627963dd 100644
--- a/lib/vtls/curl_darwinssl.c
+++ b/lib/vtls/curl_darwinssl.c
@@ -952,7 +952,7 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath,
/* Here we go: */
status = SecPKCS12Import(pkcs_data, options, &items);
- if(status == noErr) {
+ if(status == noErr && items && CFArrayGetCount(items)) {
CFDictionaryRef identity_and_trust = CFArrayGetValueAtIndex(items, 0L);
const void *temp_identity = CFDictionaryGetValue(identity_and_trust,
kSecImportItemIdentity);
@@ -960,8 +960,10 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath,
/* Retain the identity; we don't care about any other data... */
CFRetain(temp_identity);
*out_cert_and_key = (SecIdentityRef)temp_identity;
- CFRelease(items);
}
+
+ if(items)
+ CFRelease(items);
CFRelease(options);
CFRelease(pkcs_data);
}