changeset 1686:523350565889

Fix segfault with https and self-signed certs Crashed when no "/CN=" substring in certificate name. I saw this with calomel.org (which just had "/C=US", if I recall correctly).
author corvid <corvid@lavabit.com>
date Tue, 03 Aug 2010 16:17:39 +0000
parents e27f1df9ae80
children 93753d2303cd
files ChangeLog dpi/https.c
diffstat 2 files changed, 4 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Fri Jul 30 17:34:15 2010 +0000
+++ b/ChangeLog	Tue Aug 03 16:17:39 2010 +0000
@@ -18,6 +18,7 @@
  - Fix segfault with form inputs and repush for stylesheets.
  - Handle white-space: pre-wrap and pre-line.
  - Support for the word-spacing property.
+ - Fix segfault with https and self-signed certificates.
    Patches: corvid
 +- Implement line-height.
    Patch: Johannes Hofmann, corvid
--- a/dpi/https.c	Fri Jul 30 17:34:15 2010 +0000
+++ b/dpi/https.c	Tue Aug 03 16:17:39 2010 +0000
@@ -452,10 +452,11 @@
       case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
          /*Either self signed and untrusted*/
          /*Extract CN from certificate name information*/
-         cn = strstr(remote_cert->name, "/CN=") + 4;
-         if (cn == NULL)
+         if ((cn = strstr(remote_cert->name, "/CN=")) == NULL)
             break;
 
+         cn += 4;
+
          if ((cn_end = strstr(cn, "/")) == NULL )
             cn_end = cn + strlen(cn);