luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

openssl: fix out of scope variables in goto

Browse Source 
Some of the 'goto fail' situations could happen without having
initialized the local variables referenced in the error code flow.

Reported-by: Marcel Raad
Fixes #16246
Closes #16251
This commit is contained in:
Daniel Stenberg 2025-02-07 23:34:49 +01:00
parent d4947203d0
commit 3f79695be9
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/vtls/openssl.c
View File

@ -1296,7 +1296,9 @@ int cert_stuff(struct Curl_easy *data,
if(cert_file || cert_blob || (file_type == SSL_FILETYPE_ENGINE) || if(cert_file || cert_blob || (file_type == SSL_FILETYPE_ENGINE) ||
(file_type == SSL_FILETYPE_PROVIDER)) { (file_type == SSL_FILETYPE_PROVIDER)) {
SSL *ssl; SSL *ssl;
X509 *x509; X509 *x509 = NULL;
EVP_PKEY *pri = NULL;
STACK_OF(X509) *ca = NULL;
int cert_done = 0; int cert_done = 0;
int cert_use_result; int cert_use_result;
@ -1485,8 +1487,6 @@ int cert_stuff(struct Curl_easy *data,
{ {
BIO *cert_bio = NULL; BIO *cert_bio = NULL;
PKCS12 *p12 = NULL; PKCS12 *p12 = NULL;
EVP_PKEY *pri;
STACK_OF(X509) *ca = NULL;
if(cert_blob) { if(cert_blob) {
cert_bio = BIO_new_mem_buf(cert_blob->data, (int)(cert_blob->len)); cert_bio = BIO_new_mem_buf(cert_blob->data, (int)(cert_blob->len));
if(!cert_bio) { if(!cert_bio) {
@ -1527,8 +1527,7 @@ int cert_stuff(struct Curl_easy *data,
PKCS12_PBE_add(); PKCS12_PBE_add();
if(!PKCS12_parse(p12, key_passwd, &pri, &x509, if(!PKCS12_parse(p12, key_passwd, &pri, &x509, &ca)) {
&ca)) {
failf(data, failf(data,
"could not parse PKCS12 file, check password, " OSSL_PACKAGE "could not parse PKCS12 file, check password, " OSSL_PACKAGE
" error %s", " error %s",