Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-11 19:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Change X509 extension value parsing to not abort on malloc failures.

Browse source 
Also comes with factoring that out in to it's own function and
additional error check before using a return value from BIO_pending.
This commit is contained in:
Jon Siwek 2014-05-01 13:04:34 -05:00
parent 636262d865
commit 385438d47c
3 changed files with 57 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/file_analysis/analyzer/x509/functions.bif
View file

@ -78,18 +78,10 @@ function x509_get_certificate_string%(cert: opaque of x509, pem: bool &default=F
else
i2d_X509_bio(bio, h->GetCertificate());
BIO_flush(bio);
int length = BIO_pending(bio);
// use OPENSS_malloc here. Otherwhise, interesting problems will happen.
char *buffer = (char*) OPENSSL_malloc(length);
StringVal* ext_val = file_analysis::X509::GetExtensionFromBIO(bio);
if ( ! buffer )
out_of_memory("x509_get_certificate_string");
BIO_read(bio, (void*) buffer, length);
StringVal* ext_val = new StringVal(length, buffer);
OPENSSL_free(buffer);
BIO_free_all(bio);
if ( ! ext_val )
ext_val = new StringVal("");
return ext_val;
%}