0002-bearssl-Remove-unnecessary-CA-blob-length-check.patch (882B)
1 From f91719c41ecf96fe661a3fa03b5d22b8e6d52402 Mon Sep 17 00:00:00 2001 2 From: Michael Forney <mforney@mforney.org> 3 Date: Mon, 15 Nov 2021 13:10:02 -0800 4 Subject: [PATCH] bearssl: Remove unnecessary CA blob length check 5 6 BearSSL APIs take a size_t length parameter, so unlike OpenSSL, 7 there is no conversion to int and no reason to check that it's less 8 than INT_MAX. 9 --- 10 lib/vtls/bearssl.c | 3 --- 11 1 file changed, 3 deletions(-) 12 13 diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c 14 index 934149c..32d9a5b 100644 15 --- a/lib/vtls/bearssl.c 16 +++ b/lib/vtls/bearssl.c 17 @@ -133,9 +133,6 @@ static CURLcode load_cafile(struct cafile_source *source, 18 return CURLE_SSL_CACERT_BADFILE; 19 } 20 21 - if(source->type == CAFILE_SOURCE_BLOB && source->len > (size_t)INT_MAX) 22 - return CURLE_SSL_CACERT_BADFILE; 23 - 24 ca.err = CURLE_OK; 25 ca.in_cert = FALSE; 26 ca.anchors = NULL; 27 -- 28 2.42.0 29