summaryrefslogtreecommitdiff
path: root/pkg/curl/patch/0002-bearssl-Remove-unnecessary-CA-blob-length-check.patch
blob: 6c48f4ed9f7e9a38d82ab4aaeebd4c6f4e608eb5 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

From f91719c41ecf96fe661a3fa03b5d22b8e6d52402 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Mon, 15 Nov 2021 13:10:02 -0800
Subject: [PATCH] bearssl: Remove unnecessary CA blob length check

BearSSL APIs take a size_t length parameter, so unlike OpenSSL,
there is no conversion to int and no reason to check that it's less
than INT_MAX.
---
 lib/vtls/bearssl.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c
index 934149c..32d9a5b 100644
--- a/lib/vtls/bearssl.c
+++ b/lib/vtls/bearssl.c
@@ -133,9 +133,6 @@ static CURLcode load_cafile(struct cafile_source *source,
       return CURLE_SSL_CACERT_BADFILE;
   }
 
-  if(source->type == CAFILE_SOURCE_BLOB && source->len > (size_t)INT_MAX)
-    return CURLE_SSL_CACERT_BADFILE;
-
   ca.err = CURLE_OK;
   ca.in_cert = FALSE;
   ca.anchors = NULL;
-- 
2.42.0
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-13 09:25:14 +0000