BoringSSL: Fix PKCS12_parse() segfault when used without password Unlike OpenSSL PKCS12_parse(), the BoringSSL version seems to require the password pointer to be non-NULL even if no password is present. Map passwrd == NULL to passwd = "" to avoid a NULL pointer dereference within BoringSSL. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

commit: c07e7b43e91f8058b38e5534a53302f69d037dc8 [log] [tgz]
author: Jouni Malinen <jouni@qca.qualcomm.com> Tue Aug 18 02:06:02 2015 +0300
committer: Jouni Malinen <j@w1.fi> Tue Aug 18 02:06:02 2015 +0300
tree: 9da9489686c936e72c803d7e19b83da72ac00f0c
parent: a89beee589c79229b74a94cff8c79201d8b8503b [diff]
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index e3f8401..8c2df22 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c

@@ -2076,6 +2076,8 @@
 	pkey = NULL;
 	cert = NULL;
 	certs = NULL;
+	if (!passwd)
+		passwd = "";
 	if (!PKCS12_parse(p12, passwd, &pkey, &cert, &certs)) {
 		tls_show_errors(MSG_DEBUG, __func__,
 				"Failed to parse PKCS12 file");
commit	c07e7b43e91f8058b38e5534a53302f69d037dc8	[log] [tgz]
author	Jouni Malinen <jouni@qca.qualcomm.com>	Tue Aug 18 02:06:02 2015 +0300
committer	Jouni Malinen <j@w1.fi>	Tue Aug 18 02:06:02 2015 +0300
tree	9da9489686c936e72c803d7e19b83da72ac00f0c
parent	a89beee589c79229b74a94cff8c79201d8b8503b [diff]