From e218d8e5edccae61fa3a28dea46d66f054d43b58 Mon Sep 17 00:00:00 2001 From: Filip Navara Date: Thu, 3 Jun 2021 23:40:15 +0200 Subject: [PATCH] [iOS] Fix null dereference in AppleCryptoNative_SslIsHostnameMatch --- .../System.Security.Cryptography.Native.Apple/pal_ssl.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c index dada6ea..2b5d3a3 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c @@ -462,15 +462,18 @@ int32_t AppleCryptoNative_SslIsHostnameMatch(SSLContextRef sslContext, CFStringR { CFArrayRef statusCodes = CFDictionaryGetValue(CFArrayGetValueAtIndex(details,0), CFSTR("StatusCodes")); - OSStatus status = 0; - // look for first failure to keep it simple. Normally, there will be exactly one. - for (int i = 0; i < CFArrayGetCount(statusCodes); i++) + if (statusCodes != NULL) { - CFNumberGetValue(CFArrayGetValueAtIndex(statusCodes, i), kCFNumberSInt32Type, &status); - if (status != noErr) + OSStatus status = 0; + // look for first failure to keep it simple. Normally, there will be exactly one. + for (int i = 0; i < CFArrayGetCount(statusCodes); i++) { - *pOSStatus = status; - break; + CFNumberGetValue(CFArrayGetValueAtIndex(statusCodes, i), kCFNumberSInt32Type, &status); + if (status != noErr) + { + *pOSStatus = status; + break; + } } } } -- 2.7.4