sectransp: EXC_BAD_ACCESS caused by non deterministic value #7126

Closed
wants to merge 8 commits into from
@ebeworld ebeworld commented May 25, 2021

We have the following code in Curl.
...
SecCertificateCopyCommonName(cert, &common_name);
#endif
if(CFStringCompare(common_name, label_cf, 0) == kCFCompareEqualTo)

When the SecCertificateCopyCommonName function fails, it does not have to leave common_name in a valid state. So CFStringCompare is using the invalid result, hence causing EXC_BAD_ACCESS.

The fix is to check the return value of the function.
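
A portable model of the failure described above, added here as an example and not taken from curl or this pull request. `copy_common_name`, `status_t` and the `STALE` marker are hypothetical stand-ins for SecCertificateCopyCommonName, OSStatus/noErr and an unwritten out-parameter, with C strings in place of CFStringRef.

```c
#include <stdio.h>
#include <string.h>

typedef int status_t;               /* stand-in for OSStatus */
enum { ST_OK = 0, ST_FAIL = -1 };   /* ST_OK plays the role of noErr */

/* Marker for "never written"; real stack contents would be arbitrary. */
static const char STALE[] = "<stale>";

/* Models an API that writes *out only on success. */
static status_t copy_common_name(const char *cert_cn, const char **out)
{
  if(!cert_cn)
    return ST_FAIL;                 /* *out is left untouched */
  *out = cert_cn;
  return ST_OK;
}

/* Unchecked pattern: the status is ignored. Returns -1 when the compare
   would have consumed a pointer the callee never wrote. */
int match_unchecked(const char *cert_cn, const char *label)
{
  const char *common_name = STALE;
  copy_common_name(cert_cn, &common_name);
  if(common_name == STALE)
    return -1;                      /* the point where the real compare faults */
  return strcmp(common_name, label) == 0;
}

/* Checked pattern: initialise the out-parameter and compare only when
   the copy reported success. */
int match_checked(const char *cert_cn, const char *label)
{
  const char *common_name = NULL;
  status_t copy_status = copy_common_name(cert_cn, &common_name);
  if(copy_status != ST_OK || !common_name)
    return 0;
  return strcmp(common_name, label) == 0;
}

int main(void)
{
  printf("unchecked, failed copy: %d\n", match_unchecked(NULL, "client"));
  printf("checked, failed copy:   %d\n", match_checked(NULL, "client"));
  printf("checked, good copy:     %d\n", match_checked("client", "client"));
  return 0;
}
```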

ebejan and others added 2 commits May 25, 2021
EXC_BAD_ACCESS caused by non deterministic value
@ebeworld ebeworld closed this May 25, 2021
@bagder bagder changed the title EXC_BAD_ACCESS caused by non deterministic value sectransp: EXC_BAD_ACCESS caused by non deterministic value May 25, 2021
@bagder bagder added the SSL/TLS label May 25, 2021
lib/vtls/sectransp.c (outdated, resolved)
@ebeworld ebeworld reopened this May 25, 2021
@bagder bagder (Member) commented May 25, 2021

$ make checksrc
...
./vtls/sectransp.c:1167:103: warning: Longer than 79 columns (LONGLINE)
           if(copy_status == noErr && CFStringCompare(common_name, label_cf, 0) == kCFCompareEqualTo) {
checksrc: 0 errors and 1 warnings
@ebeworld ebeworld requested a review from bagder May 25, 2021
@bagder bagder approved these changes May 25, 2021
@bagder bagder (Member) commented May 25, 2021

Thanks!

@bagder bagder closed this in a63dae5 May 25, 2021