|
|
db9c9a |
diff -urNp a/snmplib/snmp_openssl.c b/snmplib/snmp_openssl.c
|
|
|
db9c9a |
--- a/snmplib/snmp_openssl.c 2021-06-09 12:38:23.196037329 +0200
|
|
|
db9c9a |
+++ b/snmplib/snmp_openssl.c 2021-06-09 12:44:11.782503048 +0200
|
|
|
db9c9a |
@@ -284,31 +284,30 @@ _cert_get_extension(X509_EXTENSION *oex
|
|
|
db9c9a |
}
|
|
|
db9c9a |
if (X509V3_EXT_print(bio, oext, 0, 0) != 1) {
|
|
|
db9c9a |
snmp_log(LOG_ERR, "could not print extension!\n");
|
|
|
db9c9a |
- BIO_vfree(bio);
|
|
|
db9c9a |
- return NULL;
|
|
|
db9c9a |
+ goto out;
|
|
|
db9c9a |
}
|
|
|
db9c9a |
|
|
|
db9c9a |
space = BIO_get_mem_data(bio, &data);
|
|
|
db9c9a |
if (buf && *buf) {
|
|
|
db9c9a |
- if (*len < space)
|
|
|
db9c9a |
- buf_ptr = NULL;
|
|
|
db9c9a |
- else
|
|
|
db9c9a |
- buf_ptr = *buf;
|
|
|
db9c9a |
+ if (*len < space +1) {
|
|
|
db9c9a |
+ snmp_log(LOG_ERR, "not enough buffer space to print extension\n");
|
|
|
db9c9a |
+ goto out;
|
|
|
db9c9a |
+ }
|
|
|
db9c9a |
+ buf_ptr = *buf;
|
|
|
db9c9a |
+ } else {
|
|
|
db9c9a |
+ buf_ptr = calloc(1, space + 1);
|
|
|
db9c9a |
}
|
|
|
db9c9a |
- else
|
|
|
db9c9a |
- buf_ptr = calloc(1,space + 1);
|
|
|
db9c9a |
|
|
|
db9c9a |
if (!buf_ptr) {
|
|
|
db9c9a |
- snmp_log(LOG_ERR,
|
|
|
db9c9a |
- "not enough space or error in allocation for extenstion\n");
|
|
|
db9c9a |
- BIO_vfree(bio);
|
|
|
db9c9a |
- return NULL;
|
|
|
db9c9a |
+ snmp_log(LOG_ERR, "error in allocation for extenstion\n");
|
|
|
db9c9a |
+ goto out;
|
|
|
db9c9a |
}
|
|
|
db9c9a |
memcpy(buf_ptr, data, space);
|
|
|
db9c9a |
buf_ptr[space] = 0;
|
|
|
db9c9a |
if (len)
|
|
|
db9c9a |
*len = space;
|
|
|
db9c9a |
|
|
|
db9c9a |
+out:
|
|
|
db9c9a |
BIO_vfree(bio);
|
|
|
db9c9a |
|
|
|
db9c9a |
return buf_ptr;
|
|
|
db9c9a |
@@ -479,7 +478,7 @@ netsnmp_openssl_cert_dump_extensions(X50
|
|
|
db9c9a |
{
|
|
|
db9c9a |
X509_EXTENSION *extension;
|
|
|
db9c9a |
const char *extension_name;
|
|
|
db9c9a |
- char buf[SNMP_MAXBUF_SMALL], *buf_ptr = buf, *str, *lf;
|
|
|
db9c9a |
+ char buf[SNMP_MAXBUF], *buf_ptr = buf, *str, *lf;
|
|
|
db9c9a |
int i, num_extensions, buf_len, nid;
|
|
|
db9c9a |
|
|
|
db9c9a |
if (NULL == ocert)
|
|
|
db9c9a |
@@ -499,6 +498,11 @@ netsnmp_openssl_cert_dump_extensions(X50
|
|
|
db9c9a |
extension_name = OBJ_nid2sn(nid);
|
|
|
db9c9a |
buf_len = sizeof(buf);
|
|
|
db9c9a |
str = _cert_get_extension_str_at(ocert, i, &buf_ptr, &buf_len, 0);
|
|
|
db9c9a |
+ if (!str) {
|
|
|
db9c9a |
+ DEBUGMSGT(("9:cert:dump", " %2d: %s\n", i,
|
|
|
db9c9a |
+ extension_name));
|
|
|
db9c9a |
+ continue;
|
|
|
db9c9a |
+ }
|
|
|
db9c9a |
lf = strchr(str, '\n'); /* look for multiline strings */
|
|
|
db9c9a |
if (NULL != lf)
|
|
|
db9c9a |
*lf = '\0'; /* only log first line of multiline here */
|