From aa2ea66cdac57868c821190dc30d6bb6d58b4a58 Mon Sep 17 00:00:00 2001
From: Jay Satiro
Date: Sun, 27 Aug 2017 23:37:02 -0400
Subject: darwinssl: handle long strings in TLS certs (follow-up)
- Fix handling certificate subjects that are already UTF-8 encoded.
Follow-up to b3b75d1 from two days ago. Since then a copy would be skipped if the subject was already UTF-8, possibly resulting in a NULL deref later on.
Ref: https://github.com/curl/curl/issues/1823
Ref: https://github.com/curl/curl/pull/1831
Closes https://github.com/curl/curl/pull/1836
---
 lib/vtls/darwinssl.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)
(limited to 'lib/vtls/darwinssl.c')
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index d6503216a..b4747dcf2 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -910,11 +910,26 @@ static CURLcode CopyCertSubject(struct Curl_easy *data,
 {
 CFStringRef c = getsubject(cert);
 CURLcode result = CURLE_OK;
+ const char *direct;
 char *cbuf = NULL;
 *certp = NULL;
- /* If subject is not UTF-8 then check if it can be converted */
- if(!CFStringGetCStringPtr(c, kCFStringEncodingUTF8)) {
+ if(!c) {
+ failf(data, "SSL: invalid CA certificate subject");
+ return CURLE_OUT_OF_MEMORY;
+ }
+
+ /* If the subject is already available as UTF-8 encoded (ie 'direct') then
+ use that, else convert it. */
+ direct = CFStringGetCStringPtr(c, kCFStringEncodingUTF8);
+ if(direct) {
+ *certp = strdup(direct);
+ if(!*certp) {
+ failf(data, "SSL: out of memory");
+ result = CURLE_OUT_OF_MEMORY;
+ }
+ }
+ else {
 size_t cbuf_size = ((size_t)CFStringGetLength(c) * 4) + 1;
 cbuf = calloc(cbuf_size, 1);
 if(cbuf) {
--
cgit v1.2.3
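Review bot: The new `if(!c)` guard returns `CURLE_OUT_OF_MEMORY` when the certificate subject could not be obtained, so a caller or anyone reading the logs cannot tell a malformed certificate from an allocation failure. The `failf` text already says "invalid CA certificate subject"; the return value should agree with it, for example `return CURLE_PEER_FAILED_VERIFICATION;`, or whichever certificate error the callers of CopyCertSubject expect (they are not visible here). It would also help to extend the comment above the `direct = CFStringGetCStringPtr(...)` line with `/* the returned pointer belongs to the CFString, so it must be copied */`, since that is why the `strdup` is needed. The function's signature and the rest of the conversion branch lie outside the hunk.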