Author: kgiusti
Date: Mon Apr 22 14:25:54 2013
New Revision: 1470538
URL: http://svn.apache.org/r1470538
Log:
PROTON-299: fix SSL off-by-one pointer bug
Modified:
qpid/proton/trunk/proton-c/src/ssl/openssl.c
Modified: qpid/proton/trunk/proton-c/src/ssl/openssl.c
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/proton-c/src/ssl/openssl.c?rev=1470538&r1=1470537&r2=1470538&view=diff
==============================================================================
--- qpid/proton/trunk/proton-c/src/ssl/openssl.c (original)
+++ qpid/proton/trunk/proton-c/src/ssl/openssl.c Mon Apr 22 14:25:54 2013
@@ -199,15 +199,14 @@ static int ssl_failed(pn_ssl_t *ssl)
static bool match_dns_pattern( const char *hostname,
const char *pattern, int plen )
{
-
+ int slen = (int) strlen(hostname);
if (memchr( pattern, '*', plen ) == NULL)
- return (plen == (int) strlen(hostname) &&
+ return (plen == slen &&
strncasecmp( pattern, hostname, plen ) == 0);
/* dns wildcarded pattern - RFC2818 */
char plabel[64]; /* max label length < 63 - RFC1034 */
char slabel[64];
- int slen = strlen(hostname);
while (plen > 0 && slen > 0) {
const char *cptr;
@@ -218,7 +217,8 @@ static bool match_dns_pattern( const cha
if (len > (int) sizeof(plabel) - 1) return false;
memcpy( plabel, pattern, len );
plabel[len] = 0;
- pattern = cptr + 1;
+ if (cptr) ++len; // skip matching '.'
+ pattern += len;
plen -= len;
cptr = (const char *) memchr( hostname, '.', slen );
@@ -226,7 +226,8 @@ static bool match_dns_pattern( const cha
if (len > (int) sizeof(slabel) - 1) return false;
memcpy( slabel, hostname, len );
slabel[len] = 0;
- hostname = cptr + 1;
+ if (cptr) ++len; // skip matching '.'
+ hostname += len;
slen -= len;
char *star = strchr( plabel, '*' );
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org
For additional commands, e-mail: commits-h...@qpid.apache.org
