From: Kaspar Brand <kbrand@apache.org>
Date: Wed, 7 Sep 2011 13:47:07 +0000 (+0000)
Subject: ssl_var_lookup_ssl_cert_dn_oneline(): properly deal with empty DNs
X-Git-Tag: 2.3.15~294
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=de33f8ce044fdaf578fc34fc1d5286156a922adb;p=apache

ssl_var_lookup_ssl_cert_dn_oneline(): properly deal with empty DNs
(BIO_read might return -1 in such a case)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1166181 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c
index e95405c6c8..ea7aa71816 100644
--- a/modules/ssl/ssl_engine_vars.c
+++ b/modules/ssl/ssl_engine_vars.c
@@ -394,7 +394,7 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, request_rec *r,
 static char *ssl_var_lookup_ssl_cert_dn_oneline(apr_pool_t *p, request_rec *r,
                                                 X509_NAME *xsname)
 {
-    char *result;
+    char *result = NULL;
     SSLDirConfigRec *dc;
     int legacy_format = 0;
     if (r) {
@@ -414,9 +414,11 @@ static char *ssl_var_lookup_ssl_cert_dn_oneline(apr_pool_t *p, request_rec *r,
             return NULL;
         X509_NAME_print_ex(bio, xsname, 0, flags);
         n = BIO_pending(bio);
-        result = apr_palloc(p, n+1);
-        n = BIO_read(bio, result, n);
-        result[n] = NUL;
+        if (n > 0) {
+            result = apr_palloc(p, n+1);
+            n = BIO_read(bio, result, n);
+            result[n] = NUL;
+        }
         BIO_free(bio);
     }
     return result;