darwinssl: fix crash that started happening in Lion

Something (a recent security update maybe?) changed in Lion, and now it has changed SSLCopyPeerTrust such that it may return noErr but also give us a null trust, which caught us off guard and caused an eventual crash.
author: Nick Zitzmann <nickzman@gmail.com> 2013-06-22 15:13:36 -0600
committer: Nick Zitzmann <nickzman@gmail.com> 2013-06-22 15:13:36 -0600
commit: f3052c8a819711d9193e4a1e9b23f2c76be58f74 (patch)
tree: fcc9c52f2d62f333861073fe518e641bb02dca5e /lib
parent: 631e3e13a90eb7124d43310c3452948fba6c6136 (diff)
1 files changed, 10 insertions, 5 deletions
diff --git a/lib/curl_darwinssl.c b/lib/curl_darwinssl.c
index d03f3cc45..82a339b0a 100644
--- a/lib/curl_darwinssl.c
+++ b/lib/curl_darwinssl.c
@@ -1363,11 +1363,11 @@ darwinssl_connect_step3(struct connectdata *conn,
   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
   CFStringRef server_cert_summary;
   char server_cert_summary_c[128];
-  CFArrayRef server_certs;
+  CFArrayRef server_certs = NULL;
   SecCertificateRef server_cert;
   OSStatus err;
   CFIndex i, count;
-  SecTrustRef trust;
+  SecTrustRef trust = NULL;
 
   /* There is no step 3!
    * Well, okay, if verbose mode is on, let's print the details of the
@@ -1376,7 +1376,9 @@ darwinssl_connect_step3(struct connectdata *conn,
 #if CURL_BUILD_IOS
 #pragma unused(server_certs)
   err = SSLCopyPeerTrust(connssl->ssl_ctx, &trust);
-  if(err == noErr) {
+  /* For some reason, SSLCopyPeerTrust() can return noErr and yet return
+     a null trust, so be on guard for that: */
+  if(err == noErr && trust) {
     count = SecTrustGetCertificateCount(trust);
     for(i = 0L ; i < count ; i++) {
       server_cert = SecTrustGetCertificateAtIndex(trust, i);
@@ -1402,7 +1404,9 @@ darwinssl_connect_step3(struct connectdata *conn,
   if(SecTrustEvaluateAsync != NULL) {
 #pragma unused(server_certs)
     err = SSLCopyPeerTrust(connssl->ssl_ctx, &trust);
-    if(err == noErr) {
+    /* For some reason, SSLCopyPeerTrust() can return noErr and yet return
+       a null trust, so be on guard for that: */
+    if(err == noErr && trust) {
       count = SecTrustGetCertificateCount(trust);
       for(i = 0L ; i < count ; i++) {
         server_cert = SecTrustGetCertificateAtIndex(trust, i);
@@ -1422,7 +1426,8 @@ darwinssl_connect_step3(struct connectdata *conn,
   else {
 #if CURL_SUPPORT_MAC_10_8
     err = SSLCopyPeerCertificates(connssl->ssl_ctx, &server_certs);
-    if(err == noErr) {
+    /* Just in case SSLCopyPeerCertificates() returns null too... */
+    if(err == noErr && server_certs) {
       count = CFArrayGetCount(server_certs);
       for(i = 0L ; i < count ; i++) {
         server_cert = (SecCertificateRef)CFArrayGetValueAtIndex(server_certs,
author	Nick Zitzmann <nickzman@gmail.com>	2013-06-22 15:13:36 -0600
committer	Nick Zitzmann <nickzman@gmail.com>	2013-06-22 15:13:36 -0600
commit	f3052c8a819711d9193e4a1e9b23f2c76be58f74 (patch)
tree	fcc9c52f2d62f333861073fe518e641bb02dca5e /lib
parent	631e3e13a90eb7124d43310c3452948fba6c6136 (diff)