mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-01-30 14:22:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

mbedTLS: include NULL byte in blob data length for CURLOPT_CAINFO_BLOB

Browse Source 
Fixes #8079
Closes #8081
This commit is contained in:
Florian Van Heghe 2021-12-01 12:37:42 +01:00 committed by Daniel Stenberg
parent 7da636cad5
commit 456c53730d
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/vtls/mbedtls.c
View File

@ -320,9 +320,14 @@ mbed_connect_step1(struct Curl_easy *data, struct connectdata *conn,
mbedtls_x509_crt_init(&backend->cacert);
if(ca_info_blob) {
const unsigned char *blob_data = (const unsigned char *)ca_info_blob->data;
unsigned char *blob_data = (unsigned char *)ca_info_blob->data;
/* mbedTLS expects the terminating NULL byte to be included in the length
of the data */
size_t blob_data_len = ca_info_blob->len + 1;
ret = mbedtls_x509_crt_parse(&backend->cacert, blob_data,
ca_info_blob->len);
blob_data_len);
if(ret<0) {
mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));