Commit 2b3fbc8c authored by Daniel Stenberg

Curl_nss_connect: avoid PATH_MAX

Since some systems don't have PATH_MAX and it isn't that clever to
assume a fixed maximum path length, the code now allocates buffer space
instead of using the stack.

Reported by: Samuel Thibault
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608521
parent 1ad5764f
+13 −4
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
 * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -1265,12 +1265,21 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
        entry = PR_ReadDir(dir, PR_SKIP_BOTH | PR_SKIP_HIDDEN);

        if(entry) {
          char fullpath[PATH_MAX];
          char *fullpath;
          size_t pathlen = strlen(data->set.ssl.CApath) +
            strlen(entry->name) + 2; /* add two, for slash and trailing zero */
          fullpath = malloc(pathlen);
          if(!fullpath) {
            PR_CloseDir(dir);
            curlerr = CURLE_OUT_OF_MEMORY;
            goto error;
          }

          snprintf(fullpath, sizeof(fullpath), "%s/%s", data->set.ssl.CApath,
          snprintf(fullpath, pathlen, "%s/%s", data->set.ssl.CApath,
                   entry->name);
          rc = nss_load_cert(&conn->ssl[sockindex], fullpath, PR_TRUE);
          /* FIXME: check this return value! */
          free(fullpath);
        }
        /* This is purposefully tolerant of errors so non-PEM files
         * can be in the same directory */
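Review bot: The buffer size in the new `pathlen` computation and the `"%s/%s"` format passed to `snprintf` are kept in step by hand, so a later change to the format (an extra separator or suffix) would silently truncate the certificate path instead of failing, and the ignored `rc` would hide it. If curl's allocating formatter is in scope in this file, `fullpath = aprintf("%s/%s", data->set.ssl.CApath, entry->name);` followed by the same `if(!fullpath)` branch removes the length arithmetic and leaves one source of truth for the size. The out-of-memory branch closes `dir` before `goto error`, which looks right, but the `error` label and the rest of Curl_nss_connect are outside this hunk, so what else that path releases could not be checked here.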