diff options
| author | Nick Mathewson <nickm@torproject.org> | 2015-12-18 10:25:15 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-12-18 10:25:15 -0500 |
| commit | 6b5b1a02d46f761b691527c8e3c9a2ad08b0c3a5 (patch) | |
| tree | f512b638fb500365ec3ae3b86e149e5acda7dc9a /src | |
| parent | 2e99371eb9886559814c3c8b7e4ba52e474bb520 (diff) | |
| download | tor-6b5b1a02d46f761b691527c8e3c9a2ad08b0c3a5.tar.gz tor-6b5b1a02d46f761b691527c8e3c9a2ad08b0c3a5.zip | |
Fix a coverity NULL-pointer deref warning in the tortls tests.
Also, make our cert validation code more NULL-resistant.
This is CID 1327891.
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/tortls.c | 2 | ||||
| -rw-r--r-- | src/test/test_tortls.c | 5 |
2 files changed, 6 insertions, 1 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index a1facec409..5e0c97096d 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -884,7 +884,7 @@ tor_tls_cert_is_valid(int severity, EVP_PKEY *cert_key; int r, key_ok = 0; - if (!signing_cert) + if (!signing_cert || !cert) goto bad; EVP_PKEY *signing_key = X509_get_pubkey(signing_cert->cert); diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 709c8dbd77..add020e9f4 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -2680,7 +2680,12 @@ test_tortls_cert_is_valid(void *ignored) scert = tor_malloc_zero(sizeof(tor_x509_cert_t)); ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); tt_int_op(ret, OP_EQ, 0); + + cert = tor_malloc_zero(sizeof(tor_x509_cert_t)); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); + tt_int_op(ret, OP_EQ, 0); tor_free(scert); + tor_free(cert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); |