Commit 26ddc536 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

openssl: fix use of uninitialized buffer 

Make sure that the error buffer is always initialized and simplify the
use of it to make the logic easier.

Bug: https://github.com/bagder/curl/issues/318
Reported-by: sneis
parent 0e7d76d6

lib/vtls/openssl.c

+7 −7
Original line number Diff line number Diff line
@@ -2137,10 +2137,9 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex) 
    else {

      /* untreated error */

      unsigned long errdetail;

      char error_buffer[256]; /* OpenSSL documents that this must be at least

                                 256 bytes long. */

      char error_buffer[256]=""; /* OpenSSL documents that this must be at

                                    least 256 bytes long. */

      CURLcode result;

      const char *cert_problem = NULL;

      long lerr;



      connssl->connecting_state = ssl_connect_2; /* the connection failed,
@@ -2172,9 +2171,10 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex) 
                   X509_verify_cert_error_string(lerr));

        }

        else

          cert_problem = "SSL certificate problem, verify that the CA cert is"

            " OK.";



          /* strcpy() is fine here as long as the string fits within

             error_buffer */

          strcpy(error_buffer,

                 "SSL certificate problem, check your CA cert");

        break;

      default:

        result = CURLE_SSL_CONNECT_ERROR;
@@ -2195,7 +2195,7 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex) 
      }



      /* Could be a CERT problem */

      failf(data, "%s%s", cert_problem ? cert_problem : "", error_buffer);

      failf(data, "%s", error_buffer);



      return result;

    }