summaryrefslogtreecommitdiff
path: root/utils/ssl_certs.c
diff options
context:
space:
mode:
Diffstat (limited to 'utils/ssl_certs.c')
-rw-r--r--utils/ssl_certs.c35
1 files changed, 28 insertions, 7 deletions
diff --git a/utils/ssl_certs.c b/utils/ssl_certs.c
index d0f2a6c18..8546165ac 100644
--- a/utils/ssl_certs.c
+++ b/utils/ssl_certs.c
@@ -248,12 +248,23 @@ nserror cert_chain_to_query(struct cert_chain *chain, struct nsurl **url_out )
urlstrlen = snprintf((char *)urlstr, allocsize, "about:certificate");
for (depth = 0; depth < chain->depth; depth++) {
+ int written;
nsuerror nsures;
size_t output_length;
- urlstrlen += snprintf((char *)urlstr + urlstrlen,
- allocsize - urlstrlen,
- "&cert=");
+ written = snprintf((char *)urlstr + urlstrlen,
+ allocsize - urlstrlen,
+ "&cert=");
+ if (written < 0) {
+ free(urlstr);
+ return NSERROR_UNKNOWN;
+ }
+ if ((size_t)written >= allocsize - urlstrlen) {
+ free(urlstr);
+ return NSERROR_UNKNOWN;
+ }
+
+ urlstrlen += (size_t)written;
output_length = allocsize - urlstrlen;
nsures = nsu_base64_encode_url(
@@ -268,10 +279,20 @@ nserror cert_chain_to_query(struct cert_chain *chain, struct nsurl **url_out )
urlstrlen += output_length;
if (chain->certs[depth].err != SSL_CERT_ERR_OK) {
- urlstrlen += snprintf((char *)urlstr + urlstrlen,
- allocsize - urlstrlen,
- "&certerr=%d",
- chain->certs[depth].err);
+ written = snprintf((char *)urlstr + urlstrlen,
+ allocsize - urlstrlen,
+ "&certerr=%d",
+ chain->certs[depth].err);
+ if (written < 0) {
+ free(urlstr);
+ return NSERROR_UNKNOWN;
+ }
+ if ((size_t)written >= allocsize - urlstrlen) {
+ free(urlstr);
+ return NSERROR_UNKNOWN;
+ }
+
+ urlstrlen += (size_t)written;
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-28 04:17:37 +0000