projects / mech_eap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a89beee) | patch
BoringSSL: Fix PKCS12_parse() segfault when used without password
authorJouni Malinen <jouni@qca.qualcomm.com>
Mon, 17 Aug 2015 23:06:02 +0000 (02:06 +0300)
committerJouni Malinen <j@w1.fi>
Mon, 17 Aug 2015 23:06:02 +0000 (02:06 +0300)
commitc07e7b43e91f8058b38e5534a53302f69d037dc8
tree9da9489686c936e72c803d7e19b83da72ac00f0ctree | snapshot
parenta89beee589c79229b74a94cff8c79201d8b8503bcommit | diff
BoringSSL: Fix PKCS12_parse() segfault when used without password

Unlike OpenSSL PKCS12_parse(), the BoringSSL version seems to require
the password pointer to be non-NULL even if no password is present. Map
passwrd == NULL to passwd = "" to avoid a NULL pointer dereference
within BoringSSL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
src/crypto/tls_openssl.c diff | blob | history
Moonshot GSS-API mechanism