sectransp: make read_cert() use a dynbuf when loading

Closes #10632
2024-12-15 06:40:09 +08:00 · 2023-02-27 20:36:22 +01:00 · 2023-02-27 20:36:22 +01:00 · c50a6eee04
commit c50a6eee04
parent 0b84d0cf1b
1 changed files with 15 additions and 26 deletions
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@ -2150,50 +2150,39 @@ static long pem_to_der(const char *in, unsigned char **out, size_t *outlen)
  return sep_end - in;
 }

+#define MAX_CERTS_SIZE (50*1024*1024) /* arbitrary - to catch mistakes */
+
 static int read_cert(const char *file, unsigned char **out, size_t *outlen)
 {
  int fd;
-  ssize_t n, len = 0, cap = 512;
-  unsigned char buf[512], *data;
+  ssize_t n;
+  unsigned char buf[512];
+  struct dynbuf certs;
+
+  Curl_dyn_init(&certs, MAX_CERTS_SIZE);

  fd = open(file, 0);
  if(fd < 0)
    return -1;

-  data = malloc(cap);
-  if(!data) {
-    close(fd);
-    return -1;
-  }
-
  for(;;) {
    n = read(fd, buf, sizeof(buf));
+    if(!n)
+      break;
    if(n < 0) {
      close(fd);
-      free(data);
+      Curl_dyn_free(&certs);
      return -1;
    }
-    else if(n == 0) {
+    if(Curl_dyn_addn(&certs, buf, n)) {
      close(fd);
-      break;
+      return -1;
    }
-
-    if(len + n >= cap) {
-      cap *= 2;
-      data = Curl_saferealloc(data, cap);
-      if(!data) {
-        close(fd);
-        return -1;
-      }
-    }
-
-    memcpy(data + len, buf, n);
-    len += n;
  }
-  data[len] = '\0';
+  close(fd);

-  *out = data;
-  *outlen = len;
+  *out = Curl_dyn_uptr(&certs);
+  *outlen = Curl_dyn_len(&certs);

  return 0;
 }