You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by kb...@apache.org on 2011/09/07 15:47:08 UTC

svn commit: r1166181 - /httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c

Author: kbrand
Date: Wed Sep  7 13:47:07 2011
New Revision: 1166181

URL: http://svn.apache.org/viewvc?rev=1166181&view=rev
Log:
ssl_var_lookup_ssl_cert_dn_oneline(): properly deal with empty DNs 
(BIO_read might return -1 in such a case)

Modified:
    httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c?rev=1166181&r1=1166180&r2=1166181&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c Wed Sep  7 13:47:07 2011
@@ -394,7 +394,7 @@ static char *ssl_var_lookup_ssl(apr_pool
 static char *ssl_var_lookup_ssl_cert_dn_oneline(apr_pool_t *p, request_rec *r,
                                                 X509_NAME *xsname)
 {
-    char *result;
+    char *result = NULL;
     SSLDirConfigRec *dc;
     int legacy_format = 0;
     if (r) {
@@ -414,9 +414,11 @@ static char *ssl_var_lookup_ssl_cert_dn_
             return NULL;
         X509_NAME_print_ex(bio, xsname, 0, flags);
         n = BIO_pending(bio);
-        result = apr_palloc(p, n+1);
-        n = BIO_read(bio, result, n);
-        result[n] = NUL;
+        if (n > 0) {
+            result = apr_palloc(p, n+1);
+            n = BIO_read(bio, result, n);
+            result[n] = NUL;
+        }
         BIO_free(bio);
     }
     return result;