Opened 3 months ago

Closed 3 months ago

#2178 closed defect (fixed)

Crash in getting TLS certificate info when subject/issuer line is empty

Reported by: nanang Owned by: nanang
Priority: normal Milestone: release-2.9
Component: pjlib Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no

Description

Call stack trace:

1  pj_strstr (string.c:154)
2  get_cn_from_gen_name (ssl_sock_ossl.c:1390)
3  get_cert_info (ssl_sock_ossl.c:1455)
4  update_certs_info (ssl_sock_ossl.c:1564)
5  on_handshake_complete (ssl_sock_ossl.c:1590)

pj_strstr() does not expect NULL input string, which is what happens when subject/issuer line is empty.

Thanks Guy Mininberg for the report and the analysis.

Change History (1)

comment:1 Changed 3 months ago by nanang

  • Owner set to nanang
  • Resolution set to fixed
  • Status changed from new to closed

In 5935:

Close #2178: Added check in get_cn_from_gen_name() for empty general name string input.

Note: See TracTickets for help on using tickets.