diff options
author | Thiago Macieira <thiago.macieira@nokia.com> | 2010-01-20 20:06:32 (GMT) |
---|---|---|
committer | Thiago Macieira <thiago.macieira@nokia.com> | 2010-01-21 13:14:22 (GMT) |
commit | c86ab3fcedd3bcfa195d42d45fb732cb8315319d (patch) | |
tree | a38b1498211288ef300c7ea04050c440fc960434 /src/network/ssl | |
parent | 0a9e29a58bd501af2e52f868386b27b29ebb1a72 (diff) | |
download | Qt-c86ab3fcedd3bcfa195d42d45fb732cb8315319d.zip Qt-c86ab3fcedd3bcfa195d42d45fb732cb8315319d.tar.gz Qt-c86ab3fcedd3bcfa195d42d45fb732cb8315319d.tar.bz2 |
SSL Certificate: don't crash when the END CERTIFICATE line ends without CRLF
If the file/data ends in the END CERTIFICATE line without a newline,
the certificate is still valid. If it's followed by anything other
than a newline, then it's no longer valid.
Also add another test for the BEGIN CERTIFICATE ending without
newline, to ensure we don't crash there either.
Reviewed-By: Peter Hartmann
Diffstat (limited to 'src/network/ssl')
-rw-r--r-- | src/network/ssl/qsslcertificate.cpp | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index 8993e72..9a9b1b5 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -696,11 +696,11 @@ QSslCertificate QSslCertificatePrivate::QSslCertificate_from_X509(X509 *x509) static bool matchLineFeed(const QByteArray &pem, int *offset) { - char ch = pem.at(*offset); + char ch; // ignore extra whitespace at the end of the line - while (ch == ' ' && *offset < pem.size()) - ch = pem.at(++*offset); + while (*offset < pem.size() && (ch = pem.at(*offset)) == ' ') + ++*offset; if (ch == '\n') { *offset += 1; @@ -732,7 +732,7 @@ QList<QSslCertificate> QSslCertificatePrivate::certificatesFromPem(const QByteAr break; offset = endPos + sizeof(ENDCERTSTRING) - 1; - if (!matchLineFeed(pem, &offset)) + if (offset < pem.size() && !matchLineFeed(pem, &offset)) break; QByteArray decoded = QByteArray::fromBase64( |