Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

HTTP: Fix OCSP error path

If addition of a peer issuer certificate fails, the certs pointer would
be NULL when being passed to sk_X509_push() for peer issuer's issuer.
Fix this by skipping addition of issuer's issue if issuer addition
fails.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Subhani Shaik 10 years ago
parent
946572ca0e
commit
bd7bb43784
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      src/utils/http_curl.c

+ 1 - 1
src/utils/http_curl.c
View File 

@@ -1098,7 +1098,7 @@ static int ocsp_resp_cb(SSL *s, void *arg)
 
 				sk_X509_free(certs);
 
 				certs = NULL;
 
 			}
 
-			if (ctx->peer_issuer_issuer) {
 
+			if (certs && ctx->peer_issuer_issuer) {
 
 				cert = X509_dup(ctx->peer_issuer_issuer);
 
 				if (cert && !sk_X509_push(certs, cert)) {
 
 					tls_show_errors(