On Mon, 15 Aug 2011, Kamil Dudka wrote:
the attached patch allows curl to initialize SSL, even if the NSS database
is broken. Originally reported at https://bugzilla.redhat.com/728562 .
Any feedback welcome!
I only have one comment that isn't even strictly on topic but I came to think
of it now when reading the patch. This particular code is however now new.
+ char *certpath = PR_smprintf("%s%s", use_sql ? "sql:" : "", cert_dir);
The code doesn't check for failure, so in OOM situations the code following
this will read from NULL. That made me think if you shouldn't rather use our
own aprintf() instead of PR_smprintf() there as then we'd get that memory
allocation tested in our torture tests.
Either way, it should check 'certpath' for NULL.
--
/ daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
