diff options
| author | Marc-André Lureau <marcandre.lureau@gmail.com> | 2012-05-17 14:38:20 +0200 |
|---|---|---|
| committer | Marc-André Lureau <marcandre.lureau@gmail.com> | 2012-05-17 14:38:28 +0200 |
| commit | 5f4409494066b5f59df58d6207fdbb0441aa9e90 (patch) | |
| tree | 9a8a0223b2f35e69892c5093b0466fdbe2e5f551 | |
| parent | 22fc0b0145876b90385c1c88923bcd72a6380812 (diff) | |
ssl-verify: add a bit of run-time checks
Even if they are not public functions, those conditions can be reached
in a invalid state.
| -rw-r--r-- | common/ssl_verify.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/common/ssl_verify.c b/common/ssl_verify.c index 2f34c00..3667b2e 100644 --- a/common/ssl_verify.c +++ b/common/ssl_verify.c @@ -166,6 +166,8 @@ static int verify_hostname(X509* cert, const char *hostname) int cn_match = 0; X509_NAME* subject; + spice_return_val_if_fail(hostname != NULL, 0); + if (!cert) { spice_debug("warning: no cert!"); return 0; @@ -270,6 +272,9 @@ static X509_NAME* subject_to_x509_name(const char *subject, int *nentries) VALUE } state; + spice_return_val_if_fail(subject != NULL, NULL); + spice_return_val_if_fail(nentries != NULL, NULL); + key = (char*)alloca(strlen(subject)); val = (char*)alloca(strlen(subject)); in_subject = X509_NAME_new(); |