mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-08-07 02:10:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add array bounds check for GetSslIdentity

Browse source
This commit is contained in:
Paul Kulchenko 2022-03-07 20:09:32 -08:00
parent 9af60298da
commit fc24b19248
1 changed files with 4 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tool/net/redbean.c
View file

@ -3201,16 +3201,18 @@ static int LuaGetStatus(lua_State *L) {
static int LuaGetSslIdentity(lua_State *L) {
const mbedtls_x509_crt *cert;
OnlyCallDuringRequest(L, "GetSslIdentity");
if (!usessl)
if (!usessl) {
lua_pushnil(L);
else
} else {
if (sslpskindex) {
CHECK((sslpskindex-1) >= 0 && (sslpskindex-1) < psks.n);
lua_pushlstring(L, psks.p[sslpskindex-1].identity,
psks.p[sslpskindex-1].identity_len);
} else {
cert = mbedtls_ssl_get_peer_cert(&ssl);
lua_pushstring(L, cert ? gc(FormatX509Name(&cert->subject)) : "");
}
}
return 1;
}