Skip to content

Commit

Permalink
Coverity Fix (#2236)
Browse files Browse the repository at this point in the history 
### Issues:
`P204971226`

### Description of changes: 
Add a explicit null check to ensure a valid leaf cert exists. We know in
current usage this will always be the case. Null check added for
future-proofing.

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license and the ISC license.
  • Loading branch information
@smittals2
smittals2 authored Mar 5, 2025
1 parent 2c1b35b commit 8491eb5
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion ssl/ssl_cert.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -286,7 +286,12 @@ static int cert_set_chain_and_key(
return 0;
}

switch (check_leaf_cert_and_privkey(sk_CRYPTO_BUFFER_value(certs.get(), 0), privkey)) {
CRYPTO_BUFFER *leaf_buf = sk_CRYPTO_BUFFER_value(certs.get(), 0);
if (leaf_buf == nullptr) {
return 0;
}

switch (check_leaf_cert_and_privkey(leaf_buf, privkey)) {
case leaf_cert_and_privkey_error:
return 0;
case leaf_cert_and_privkey_mismatch:
Expand Down

0 comments on commit 8491eb5

Please sign in to comment.