diff options
author | Jaap Keuter <jaap.keuter@xs4all.nl> | 2016-08-04 00:14:56 +0200 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2016-08-03 22:26:52 +0000 |
commit | 9affd2656c9c2f6e911817f196a524f4b5b2c1cd (patch) | |
tree | ab48f8ed6972bb15ed1c7b70f950d14e9a74ccc4 /epan/dissectors/packet-ssl-utils.c | |
parent | 86cf94ffeecfa2f02a4a286f41e00bfcf4f1d84e (diff) | |
download | wireshark-9affd2656c9c2f6e911817f196a524f4b5b2c1cd.tar.gz |
SSL utils: Add proper check while getting bag type
Implementing proper return value check, as done for other gnutls function
calls, catches (unlikely) errors and allows C++ compatible build.
Change-Id: Idf5bd3fe6e68d006a469fe72663dea1c7e2d17f7
Reviewed-on: https://code.wireshark.org/review/16865
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.c')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c index 080caa2378..62acd7e29a 100644 --- a/epan/dissectors/packet-ssl-utils.c +++ b/epan/dissectors/packet-ssl-utils.c @@ -3936,13 +3936,17 @@ ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd, char** err) { for (j=0; j<gnutls_pkcs12_bag_get_count(bag); j++) { - bag_type = gnutls_pkcs12_bag_get_type(bag, j); + ret = gnutls_pkcs12_bag_get_type(bag, j); + if (ret < 0) goto done; + bag_type = (gnutls_pkcs12_bag_type_t)ret; if (bag_type >= GNUTLS_BAG_UNKNOWN) goto done; ssl_debug_printf( "Bag %d/%d: %s\n", i, j, BAGTYPE(bag_type)); if (bag_type == GNUTLS_BAG_ENCRYPTED) { ret = gnutls_pkcs12_bag_decrypt(bag, cert_passwd); if (ret == 0) { - bag_type = gnutls_pkcs12_bag_get_type(bag, j); + ret = gnutls_pkcs12_bag_get_type(bag, j); + if (ret < 0) goto done; + bag_type = (gnutls_pkcs12_bag_type_t)ret; if (bag_type >= GNUTLS_BAG_UNKNOWN) goto done; ssl_debug_printf( "Bag %d/%d decrypted: %s\n", i, j, BAGTYPE(bag_type)); } |