From dd61daef708f6502fa735003ea92e79ac5108c9d Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Wed, 26 Mar 2014 12:01:26 -0700
Subject: [PATCH] When saving the signature from a DecodedCert to a CYASSL_X509 only copy the signature if it exists.
---
 cyassl/ctaocrypt/types.h | 3 ++-
 src/internal.c | 21 ++++++++++++---------
 2 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/cyassl/ctaocrypt/types.h b/cyassl/ctaocrypt/types.h
index 4d101275e..462bd116d 100644
--- a/cyassl/ctaocrypt/types.h
+++ b/cyassl/ctaocrypt/types.h
@@ -273,7 +273,8 @@ enum {
 DYNAMIC_TYPE_CAVIUM_RSA = 41,
 DYNAMIC_TYPE_X509 = 42,
 DYNAMIC_TYPE_TLSX = 43,
- DYNAMIC_TYPE_OCSP = 44
+ DYNAMIC_TYPE_OCSP = 44,
+ DYNAMIC_TYPE_SIGNATURE = 45
 };
 /* max error buffer string size */
diff --git a/src/internal.c b/src/internal.c
index f92bf0a5f..3a55b6f11 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1324,7 +1324,7 @@ void FreeX509(CYASSL_X509* x509)
 if (x509->pubKey.buffer)
 XFREE(x509->pubKey.buffer, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
 XFREE(x509->derCert.buffer, NULL, DYNAMIC_TYPE_SUBJECT_CN);
- XFREE(x509->sig.buffer, NULL, 0);
+ XFREE(x509->sig.buffer, NULL, DYNAMIC_TYPE_SIGNATURE);
 #ifdef OPENSSL_EXTRA
 XFREE(x509->authKeyId, NULL, 0);
 XFREE(x509->subjKeyId, NULL, 0);
@@ -3172,14 +3172,17 @@ int CopyDecodedToX509(CYASSL_X509* x509, DecodedCert* dCert)
 ret = MEMORY_E;
 }
- x509->sig.buffer = (byte*)XMALLOC(dCert->sigLength, NULL, 0);
- if (x509->sig.buffer == NULL) {
- ret = MEMORY_E;
- }
- else {
- XMEMCPY(x509->sig.buffer, dCert->signature, dCert->sigLength);
- x509->sig.length = dCert->sigLength;
- x509->sigOID = dCert->signatureOID;
+ if (dCert->signature != NULL && dCert->sigLength != 0) {
+ x509->sig.buffer = (byte*)XMALLOC(
+ dCert->sigLength, NULL, DYNAMIC_TYPE_SIGNATURE);
+ if (x509->sig.buffer == NULL) {
+ ret = MEMORY_E;
+ }
+ else {
+ XMEMCPY(x509->sig.buffer, dCert->signature, dCert->sigLength);
+ x509->sig.length = dCert->sigLength;
+ x509->sigOID = dCert->signatureOID;
+ }
 }
 /* store cert for potential retrieval */
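Review bot: When the new guard in CopyDecodedToX509 is false, `x509->sig.buffer`, `x509->sig.length` and `x509->sigOID` keep whatever they held before the call, while FreeX509 (first src/internal.c hunk) still hands `x509->sig.buffer` to XFREE unconditionally. That is only safe if the CYASSL_X509 is zeroed before it reaches this function, which the patch does not show, so I would make the no-signature state explicit with `else { x509->sig.buffer = NULL; x509->sig.length = 0; }`, or at least add a comment such as `/* no signature present: sig.buffer stays NULL, sig.length stays 0 */`. Code that later reads the signature should then treat `sig.length == 0` as absent rather than dereferencing the buffer. The function body begins and ends outside the hunk, so an earlier reset may already exist.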