ssl_var_lookup_ssl_cert_dn_oneline(): properly deal with empty DNs

author Kaspar Brand <kbrand@apache.org>

Wed, 7 Sep 2011 13:47:07 +0000 (13:47 +0000)

committer Kaspar Brand <kbrand@apache.org>

Wed, 7 Sep 2011 13:47:07 +0000 (13:47 +0000)
author Kaspar Brand <kbrand@apache.org>
Wed, 7 Sep 2011 13:47:07 +0000 (13:47 +0000)
committer Kaspar Brand <kbrand@apache.org>
Wed, 7 Sep 2011 13:47:07 +0000 (13:47 +0000)
diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c

index e95405c6c8f6756c7f47ce602e19470d5a88d566..ea7aa71816aa5c4d960f1da07a83c770bac73779 100644 (file)
--- a/modules/ssl/ssl_engine_vars.c
+++ b/modules/ssl/ssl_engine_vars.c
@@ -394,7 +394,7 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, request_rec *r,
  static char *ssl_var_lookup_ssl_cert_dn_oneline(apr_pool_t *p, request_rec *r,
                                                  X509_NAME *xsname)
  {
-    char *result;
+    char *result = NULL;
      SSLDirConfigRec *dc;
      int legacy_format = 0;
      if (r) {
@@ -414,9 +414,11 @@ static char *ssl_var_lookup_ssl_cert_dn_oneline(apr_pool_t *p, request_rec *r,
              return NULL;
          X509_NAME_print_ex(bio, xsname, 0, flags);
          n = BIO_pending(bio);
-        result = apr_palloc(p, n+1);
-        n = BIO_read(bio, result, n);
-        result[n] = NUL;
+        if (n > 0) {
+            result = apr_palloc(p, n+1);
+            n = BIO_read(bio, result, n);
+            result[n] = NUL;
+        }
          BIO_free(bio);
      }
      return result;
author	Kaspar Brand <kbrand@apache.org>
	Wed, 7 Sep 2011 13:47:07 +0000 (13:47 +0000)
committer	Kaspar Brand <kbrand@apache.org>
	Wed, 7 Sep 2011 13:47:07 +0000 (13:47 +0000)