proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-07-24 05:44:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Catch error instead of segfaulting

Browse Source 
when trying to parse a certificate subject, Net::SSLeay
will segfault in libcrypto when given 0 as input. Catch
this and die with a meaningful error message instead.
This commit is contained in:
Fabian Grünbichler 2016-03-08 16:17:55 +01:00 committed by Dietmar Maurer
parent 4836db5f52
commit 449037034e
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
PVE/AccessControl.pm
View File

@ -287,8 +287,15 @@ sub read_x509_subject_spice {
# read x509 subject
my $bio = Net::SSLeay::BIO_new_file($filename, 'r');
die "Could not open $filename using OpenSSL\n"
if !$bio;
my $x509 = Net::SSLeay::PEM_read_bio_X509($bio);
Net::SSLeay::BIO_free($bio);
die "Could not parse X509 certificate in $filename\n"
if !$x509;
my $nameobj = Net::SSLeay::X509_get_subject_name($x509);
my $subject = Net::SSLeay::X509_NAME_oneline($nameobj);
Net::SSLeay::X509_free($x509);