[PATCH spice-common] ssl-verify: add a bit of run-time checks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Even if they are not public functions, those conditions can be reached
in a invalid state.
---
 common/ssl_verify.c |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/common/ssl_verify.c b/common/ssl_verify.c
index 2f34c00..3667b2e 100644
--- a/common/ssl_verify.c
+++ b/common/ssl_verify.c
@@ -166,6 +166,8 @@ static int verify_hostname(X509* cert, const char *hostname)
     int cn_match = 0;
     X509_NAME* subject;
 
+    spice_return_val_if_fail(hostname != NULL, 0);
+
     if (!cert) {
         spice_debug("warning: no cert!");
         return 0;
@@ -270,6 +272,9 @@ static X509_NAME* subject_to_x509_name(const char *subject, int *nentries)
         VALUE
     } state;
 
+    spice_return_val_if_fail(subject != NULL, NULL);
+    spice_return_val_if_fail(nentries != NULL, NULL);
+
     key = (char*)alloca(strlen(subject));
     val = (char*)alloca(strlen(subject));
     in_subject = X509_NAME_new();
-- 
1.7.10.1

_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/spice-devel
[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]     [Monitors]