logo

oasis

Own branch of Oasis Linux (upstream: <https://git.sr.ht/~mcf/oasis/>) git clone https://anongit.hacktivis.me/git/oasis.git

0002-bearssl-Remove-unnecessary-CA-blob-length-check.patch (882B)


  1. From f91719c41ecf96fe661a3fa03b5d22b8e6d52402 Mon Sep 17 00:00:00 2001
  2. From: Michael Forney <mforney@mforney.org>
  3. Date: Mon, 15 Nov 2021 13:10:02 -0800
  4. Subject: [PATCH] bearssl: Remove unnecessary CA blob length check
  5. BearSSL APIs take a size_t length parameter, so unlike OpenSSL,
  6. there is no conversion to int and no reason to check that it's less
  7. than INT_MAX.
  8. ---
  9. lib/vtls/bearssl.c | 3 ---
  10. 1 file changed, 3 deletions(-)
  11. diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c
  12. index 934149c..32d9a5b 100644
  13. --- a/lib/vtls/bearssl.c
  14. +++ b/lib/vtls/bearssl.c
  15. @@ -133,9 +133,6 @@ static CURLcode load_cafile(struct cafile_source *source,
  16. return CURLE_SSL_CACERT_BADFILE;
  17. }
  18. - if(source->type == CAFILE_SOURCE_BLOB && source->len > (size_t)INT_MAX)
  19. - return CURLE_SSL_CACERT_BADFILE;
  20. -
  21. ca.err = CURLE_OK;
  22. ca.in_cert = FALSE;
  23. ca.anchors = NULL;
  24. --
  25. 2.42.0