diff --git a/ChangeLog b/ChangeLog index 582a9df2c..0d40eb8d5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -47,6 +47,8 @@ Bugfix * Fix potential undefined behaviour in Camellia. * Fix potential failure in ECDSA signatures when POLARSSL_ECP_MAX_BITS is a multiple of 8 (found by Gergely Budai). + * Fix unchecked return code in x509_crt_parse_path() on Windows (found by + Peter Vaskovic). Changes * Use deterministic nonces for AEAD ciphers in TLS by default (possible to diff --git a/library/x509_crt.c b/library/x509_crt.c index 84d529793..31e3bc43d 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -990,6 +990,8 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir, MAX_PATH - 3 ); + if( w_ret == 0 ) + return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); hFind = FindFirstFileW( szDir, &file_data ); if( hFind == INVALID_HANDLE_VALUE ) @@ -1007,6 +1009,8 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) lstrlenW( file_data.cFileName ), p, len - 1, NULL, NULL ); + if( w_ret == 0 ) + return( POLARSSL_ERR_X509_FILE_IO_ERROR ); w_ret = x509_crt_parse_file( chain, filename ); if( w_ret < 0 )