From 386ed2d5904566cbc455a50ee7a57d70385e1f02 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 22 Apr 2014 23:24:31 +0200 Subject: gtls: fix NULL pointer dereference gnutls_x509_crt_import() must not be called with a NULL certificate Bug: http://curl.haxx.se/mail/lib-2014-04/0145.html Reported-by: Damian Dixon --- lib/vtls/gtls.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'lib/vtls') diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 2a9878715..d6849cebc 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -735,9 +735,10 @@ gtls_connect_step3(struct connectdata *conn, /* initialize an X.509 certificate structure. */ gnutls_x509_crt_init(&x509_cert); - /* convert the given DER or PEM encoded Certificate to the native - gnutls_x509_crt_t format */ - gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER); + if(chainp) + /* convert the given DER or PEM encoded Certificate to the native + gnutls_x509_crt_t format */ + gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER); if(data->set.ssl.issuercert) { gnutls_x509_crt_init(&x509_issuer); -- cgit v1.2.3