cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH] nss: start with no database if the selected database is broken

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Mon, 15 Aug 2011 14:55:59 +0200

On Mon August 15 2011 14:21:55 Daniel Stenberg wrote:
> I only have one comment that isn't even strictly on topic but I came to
> think of it now when reading the patch. This particular code is however
> now new.
>
> > + char *certpath = PR_smprintf("%s%s", use_sql ? "sql:" : "",
> > cert_dir);
>
> The code doesn't check for failure, so in OOM situations the code following
> this will read from NULL. That made me think if you shouldn't rather use
> our own aprintf() instead of PR_smprintf() there as then we'd get that
> memory allocation tested in our torture tests.
>
> Either way, it should check 'certpath' for NULL.

Daniel, thanks for spotting it. I have fixed the memory allocation issues
and pushed the patch as d6f319f.

Kamil
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-08-15