technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Certficates: fixed counting DNS SAN entries.

Browse Source 
Previously, entries of any type were counted during object allocation
but only DNS type entries were actually processed.  As a result,
if some certificate entries had another type, returning information
about the certificate caused uninitialized memory access.
This commit is contained in:
Valentin Bartenev
2021-03-24 16:38:05 +03:00
parent 178f232b3a
commit f18a41c84b
2 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/nxt_cert.c
View File

@@ -722,13 +722,16 @@ nxt_cert_name_details(nxt_mp_t *mp, X509 *x509, nxt_bool_t issuer)
if (alt_names != NULL) {
count = sk_GENERAL_NAME_num(alt_names);
n = 0;
for (n = 0; n != count; n++) {
name = sk_GENERAL_NAME_value(alt_names, n);
for (i = 0; i != count; i++) {
name = sk_GENERAL_NAME_value(alt_names, i);
if (name->type != GEN_DNS) {
continue;
}
n++;
}
names = nxt_conf_create_array(mp, n);