proxmox-mirrors/libgit2
1
0
Fork 0
mirror of https://git.proxmox.com/git/libgit2 synced 2025-05-15 21:00:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

SecureTransport: handle NULL trust on success

Browse Source 
The `SSLCopyPeerTrust` call can succeed but fail to return a trust
object if it can't load the certificate chain and thus cannot check the
validity of a certificate. This can lead to us calling `CFRelease` on a
`NULL` trust object, causing a crash.

Handle this by returning ECERTIFICATE.
This commit is contained in:
Carlos Martín Nieto 2016-08-05 18:40:37 +02:00
parent 1fafead53a
commit b64722fd52
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/stransport_stream.c
View File

@ -67,6 +67,9 @@ int stransport_connect(git_stream *stream)
if ((ret = SSLCopyPeerTrust(st->ctx, &trust)) != noErr) if ((ret = SSLCopyPeerTrust(st->ctx, &trust)) != noErr)
goto on_error; goto on_error;
if (!trust)
return GIT_ECERTIFICATE;
if ((ret = SecTrustEvaluate(trust, &sec_res)) != noErr) if ((ret = SecTrustEvaluate(trust, &sec_res)) != noErr)
goto on_error; goto on_error;