Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-04 15:48:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Backport crash fix that made it into master with the x509_extension

Browse source 
backport from here.
This commit is contained in:
Bernhard Amann 2014-02-28 02:09:06 -08:00
parent 30860e4226
commit 1735e33691
1 changed files with 6 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/file_analysis/analyzer/x509/X509.cc
View file

@ -163,10 +163,13 @@ void file_analysis::X509::ParseExtension(X509_EXTENSION* ex)
BIO_flush(bio);
int length = BIO_pending(bio);
char *buffer = new char[length];
// Use OPENSSL_malloc here. Using new or anything else can lead
// to interesting, hard to debug segfaults.
char *buffer = (char*) OPENSSL_malloc(length);
BIO_read(bio, (void*)buffer, length);
StringVal* ext_val = new StringVal(length, buffer);
delete(buffer);
OPENSSL_free(buffer);
BIO_free_all(bio);
RecordVal* pX509Ext = new RecordVal(BifType::Record::X509::Extension);
@ -189,16 +192,13 @@ void file_analysis::X509::ParseExtension(X509_EXTENSION* ex)
mgr.QueueEvent(x509_extension, vl);
// look if we have a specialized handler for this event...
if ( OBJ_obj2nid(ext_asn) == NID_basic_constraints )
ParseBasicConstraints(ex);
else if ( OBJ_obj2nid(ext_asn) == NID_subject_alt_name )
ParseSAN(ex);
}
void file_analysis::X509::ParseBasicConstraints(X509_EXTENSION* ex)
{
assert(OBJ_obj2nid(X509_EXTENSION_get_object(ex)) == NID_basic_constraints);
@ -222,7 +222,6 @@ void file_analysis::X509::ParseBasicConstraints(X509_EXTENSION* ex)
mgr.QueueEvent(x509_ext_basic_constraints, vl);
}
}
void file_analysis::X509::ParseSAN(X509_EXTENSION* ext)