sipp11
/
mbsync
mirror of https://git.code.sf.net/p/isync/isync
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

fix uninitialized variable read 

this is basically a security fix for nonsensical configurations:
if the specified CertificateFile did not contain any certificates,
we *might* have accepted an arbitrary server certificate.
wip/maildir-uid-dupes-test
Oswald Buddenhagen 15 years ago
parent
516c3bfa99
commit
db2bbbfef8
1 changed files with 1 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      src/drv_imap.c

1
src/drv_imap.c
Unescape View File

@ -255,6 +255,7 @@ verify_cert( imap_store_t *ctx )
srvc->cert_file, strerror( errno ) );
return 0;
}
err = -1;
for (lcert = 0; READ_X509_KEY( fp, &lcert ); )
if (!(err = compare_certificates( lcert, cert, md, n )))
break;

Write Preview
Loading…
Cancel
Save