pkcs11_load_cert() seg fault

[kdrenard]

version 0.1.5

in pkcs11_load_cert(), if the selection of the certificate fails, and "selected_cert" ends up as NULL in the comparison on line 512 of engine_pkcs11.c, a call is made to clean up and release all the slots with PKCS11_release_all_slots(). This call to release the slots uses the 'count' variable which has been reset to the number of certificates. For example, I have 1 slot with 3 certs. If I try to load cert id "0009", which does not exist, PKCS11_release_all_slots() tries to release 3 slots (since it found 3 certs).

I have fixed in my copy of the code by spltting the 'count' variable into 'slot_count' and 'cert_count' variables and using the appropriate ones in the right places.

Thanks!

[ludovic]

Can you add your patch to the bug report please?

[kdrenard]

Replying to ludovic:

Can you add your patch to the bug report please?

Done! Thanks!

Question: CMD_LOAD_CERT_CTRL is flagged as 'INTERNAL'. Any reason for this? I think it would be very useful to external callers.

-Ken

[ludovic]

Replying to kdrenard:

Replying to ludovic:

Can you add your patch to the bug report please?

Done! Thanks!

Please use "diff -unified" to generate the patch and send it again.

Question: CMD_LOAD_CERT_CTRL is flagged as 'INTERNAL'. Any reason for this? I think it would be very useful to external callers.

No idea. You should open another bug for that question.

[kdrenard]

Unified Diff

[martin]

Commited in [112]. Thanks!