summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRemko Tronçon <git@el-tramo.be>2014-06-22 11:15:29 (GMT)
committerRemko Tronçon <git@el-tramo.be>2014-06-22 11:31:31 (GMT)
commit1eb14b6bde145ca54ac9b981df339fb8c56d3930 (patch)
tree402da86d2807365179dea0789b08fd70556c65d3
parentf91647cf9a0df0366342fae2cbcfe9df376379ba (diff)
downloadswift-1eb14b6bde145ca54ac9b981df339fb8c56d3930.zip
swift-1eb14b6bde145ca54ac9b981df339fb8c56d3930.tar.bz2
NULL-terminate PKCS12 password buffer
This fixes a bug with PCKS12 cert auth that only manifested itself on specific platforms (e.g. ARM) Test-Information: Patch was tested by reporter on a failing platform Change-Id: I4663363aadaf5f00c2092e2f58d45f5ba1b4229a
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLContext.cpp4
1 files changed, 3 insertions, 1 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index 4e8654f..54fb7bd 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -220,7 +220,9 @@ bool OpenSSLContext::setClientCertificate(CertificateWithKey::ref certificate) {
X509 *certPtr = 0;
EVP_PKEY* privateKeyPtr = 0;
STACK_OF(X509)* caCertsPtr = 0;
- int result = PKCS12_parse(pkcs12.get(), reinterpret_cast<const char*>(vecptr(pkcs12Certificate->getPassword())), &privateKeyPtr, &certPtr, &caCertsPtr);
+ SafeByteArray password(pkcs12Certificate->getPassword());
+ password.push_back(0);
+ int result = PKCS12_parse(pkcs12.get(), reinterpret_cast<const char*>(vecptr(password)), &privateKeyPtr, &certPtr, &caCertsPtr);
if (result != 1) {
return false;
}