[Webkit-unassigned] [Bug 124569] [curl] Improve ssl certificate storage and check
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Nov 19 16:54:28 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=124569
--- Comment #1 from Brent Fulgham <bfulgham at webkit.org> 2013-11-19 16:53:02 PST ---
(From update of attachment 217277)
View in context: https://bugs.webkit.org/attachment.cgi?id=217277&action=review
Looks good overall. I have some concern about the BIO_get_mem_data call (though I realize this wasn't code you added). Can you review and let me know what you think?
> Source/WebCore/platform/network/curl/SSLHandle.cpp:146
> + unsigned char *certificateData;
unsigned char* certificateData;
> Source/WebCore/platform/network/curl/SSLHandle.cpp:147
> + long len = BIO_get_mem_data(bio, &certificateData);
The BIO_get_mem_data documentation is pretty weak. Does it ever return a negative value? If not, why is the return value signed? If it is negative, then the following code will do bad things.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list