mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-01-30 14:22:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

mbedtls: fix CURLOPT_SSLCERT_BLOB

Browse Source 
The memory passed to mbedTLS for this needs to be null terminated.

Reported-by: Florian Van Heghe
Closes #8146
This commit is contained in:
Daniel Stenberg 2021-12-14 10:00:34 +01:00
parent 64e8bf9ff4
commit 867ad1cd8b
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
lib/vtls/mbedtls.c
View File

@ -379,10 +379,17 @@ mbed_connect_step1(struct Curl_easy *data, struct connectdata *conn,
}
if(ssl_cert_blob) {
const unsigned char *blob_data =
(const unsigned char *)ssl_cert_blob->data;
ret = mbedtls_x509_crt_parse(&backend->clicert, blob_data,
/* Unfortunately, mbedtls_x509_crt_parse() requires the data to be null
terminated even when provided the exact length, forcing us to waste
extra memory here. */
unsigned char *newblob = malloc(ssl_cert_blob->len + 1);
if(!newblob)
return CURLE_OUT_OF_MEMORY;
memcpy(newblob, ssl_cert_blob->data, ssl_cert_blob->len);
newblob[ssl_cert_blob->len] = 0; /* null terminate */
ret = mbedtls_x509_crt_parse(&backend->clicert, newblob,
ssl_cert_blob->len);
free(newblob);
if(ret) {
mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));