From db2bbbfef8bac6f0438d475e68a24cc950a778ae Mon Sep 17 00:00:00 2001 From: Oswald Buddenhagen Date: Mon, 5 Apr 2010 13:06:58 +0200 Subject: [PATCH] fix uninitialized variable read this is basically a security fix for nonsensical configurations: if the specified CertificateFile did not contain any certificates, we *might* have accepted an arbitrary server certificate. --- src/drv_imap.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/drv_imap.c b/src/drv_imap.c index 1090862..a71c1a3 100644 --- a/src/drv_imap.c +++ b/src/drv_imap.c @@ -255,6 +255,7 @@ verify_cert( imap_store_t *ctx ) srvc->cert_file, strerror( errno ) ); return 0; } + err = -1; for (lcert = 0; READ_X509_KEY( fp, &lcert ); ) if (!(err = compare_certificates( lcert, cert, md, n ))) break;