https://issues.apache.org/bugzilla/show_bug.cgi?id=49264
Summary: crash in DSIGKeyInfoX509::appendX509Certificate
Product: Security
Version: C++ 1.6.0
Platform: PC
OS/Version: Windows Vista
Status: NEW
Severity: normal
Priority: P2
Component: C++ Signature
AssignedTo: security-dev@xml.apache.org
ReportedBy: hagelkr...@a-trust.at
when i pass an base64 encoded certificate to appendX509Certificate the function
crashes. This problem exists since i upgraded to the trunk version (before it,
i used version 1.3.1 of xml-sec).
I have fixed the code by removing the ArrayJanitor and releasing the charX509
by myself:
void DSIGKeyInfoX509::appendX509Certificate(const XMLCh * base64Certificate) {
/* ... some code */
X509Holder * h;
XSECnew(h, X509Holder);
m_X509List.push_back(h);
h->mp_encodedX509 = b64Txt->getNodeValue();
h->mp_cryptoX509 = XSECPlatformUtils::g_cryptoProvider->X509();
char * charX509 = XMLString::transcode(h->mp_encodedX509);
//ArrayJanitor<char> j_charX509(charX509); //removed
h->mp_cryptoX509->loadX509Base64Bin(charX509, (unsigned int) strlen(charX509));
XMLString::release(&charX509); //added instead of ArrayJanitor
}
I am using xerces-c 2.8, i have not tried this code with the xerces-c-3.
Maybe someone can verify this crash :)
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
