projects
/
mech_eap.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c0c11af
)
wpa_supplicant: Fix NULL dereference in tls_verify_cb()
author
Eytan Lifshitz
<eytan.lifshitz@intel.com>
Mon, 10 Feb 2014 10:55:08 +0000
(12:55 +0200)
committer
Jouni Malinen
<j@w1.fi>
Thu, 13 Feb 2014 13:58:21 +0000
(15:58 +0200)
In function tls_verify_cb(), X509_STORE_CTX_get_current_cert() may
return NULL, and it will be dereferenced by X509_get_subject_name().
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
src/crypto/tls_openssl.c
patch
|
blob
|
history
diff --git
a/src/crypto/tls_openssl.c
b/src/crypto/tls_openssl.c
index
d025ae0
..
a13fa38
100644
(file)
--- a/
src/crypto/tls_openssl.c
+++ b/
src/crypto/tls_openssl.c
@@
-1368,6
+1368,9
@@
static int tls_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx)
const char *err_str;
err_cert = X509_STORE_CTX_get_current_cert(x509_ctx);
+ if (!err_cert)
+ return 0;
+
err = X509_STORE_CTX_get_error(x509_ctx);
depth = X509_STORE_CTX_get_error_depth(x509_ctx);
ssl = X509_STORE_CTX_get_ex_data(x509_ctx,