From 5f4409494066b5f59df58d6207fdbb0441aa9e90 Mon Sep 17 00:00:00 2001 From: Marc-André Lureau Date: Thu, 17 May 2012 14:38:20 +0200 Subject: ssl-verify: add a bit of run-time checks Even if they are not public functions, those conditions can be reached in a invalid state. --- common/ssl_verify.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/common/ssl_verify.c b/common/ssl_verify.c index 2f34c00..3667b2e 100644 --- a/common/ssl_verify.c +++ b/common/ssl_verify.c @@ -166,6 +166,8 @@ static int verify_hostname(X509* cert, const char *hostname) int cn_match = 0; X509_NAME* subject; + spice_return_val_if_fail(hostname != NULL, 0); + if (!cert) { spice_debug("warning: no cert!"); return 0; @@ -270,6 +272,9 @@ static X509_NAME* subject_to_x509_name(const char *subject, int *nentries) VALUE } state; + spice_return_val_if_fail(subject != NULL, NULL); + spice_return_val_if_fail(nentries != NULL, NULL); + key = (char*)alloca(strlen(subject)); val = (char*)alloca(strlen(subject)); in_subject = X509_NAME_new(); -- cgit v1.2.3