Commit b13923f0 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

darwinssl: aprintf() to allocate the session key 

... to avoid using a fixed memory size that risks being too large or too
small.
parent 212e3e26

lib/vtls/curl_darwinssl.c

+4 −5
Original line number Diff line number Diff line
@@ -1482,10 +1482,9 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn, 
     to starting the handshake. */

  else {

    CURLcode retcode;



    ssl_sessionid = malloc(256*sizeof(char));

    ssl_sessionid_len = snprintf(ssl_sessionid, 256, "curl:%s:%hu",

    ssl_sessionid = aprintf(ssl_sessionid, "curl:%s:%hu",

                            conn->host.name, conn->remote_port);

    ssl_sessionid_len = strlen(ssl_sessionid);

    err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len);

    if(err != noErr) {

      failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err);