commit db2bbbfef8bac6f0438d475e68a24cc950a778ae
parent 516c3bfa997dcb8da355225b8f43020ace39cf57
Author: Oswald Buddenhagen <ossi@users.sf.net>
Date: Mon, 5 Apr 2010 13:06:58 +0200
fix uninitialized variable read
this is basically a security fix for nonsensical configurations:
if the specified CertificateFile did not contain any certificates,
we *might* have accepted an arbitrary server certificate.
Diffstat:
1 file changed, 1 insertion(+), 0 deletions(-)
diff --git a/src/drv_imap.c b/src/drv_imap.c
@@ -255,6 +255,7 @@ verify_cert( imap_store_t *ctx )
srvc->cert_file, strerror( errno ) );
return 0;
}
+ err = -1;
for (lcert = 0; READ_X509_KEY( fp, &lcert ); )
if (!(err = compare_certificates( lcert, cert, md, n )))
break;
