author | Tim Jenssen <tim.jenssen@qt.io> | 2023-10-30 20:31:52 +0100 |
---|---|---|
committer | Mårten Nordheim <marten.nordheim@qt.io> | 2023-11-03 23:30:16 +0100 |
commit | 91fe6fb2e14f295c0020eb5e7f33444dfddbd7dd (patch) | |
tree | b19fc41a944aa6be5b18d3f56e7c3e6341f262a1 /src/plugins/tls/schannel/qtls_schannel.cpp | |
parent | ed7912dbe08d622374d11b0dbb1fd2250b99103b (diff) |
Schannel: Avoid crashing for unparsed certificate
Crash reports imply the `certBackend` we extract in
QSslCertificate_from_CERT_CONTEXT is null, which means that
something went wrong when parsing the certificate data we get from
the certificate chain.
We assume the rest is okay since it must be inside the bounds of the
length of the chain.
It's not clear why the certificate would be invalid, but it's better
to avoid the crash for now.
Pick-to: 6.5 6.6
Task-number: QTBUG-118569
Change-Id: I76ce07fc38bf82ef5c93097d839724ddee1edeef
Reviewed-by: Tim Jenssen <tim.jenssen@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Diffstat (limited to 'src/plugins/tls/schannel/qtls_schannel.cpp')
-rw-r--r-- | src/plugins/tls/schannel/qtls_schannel.cpp | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/plugins/tls/schannel/qtls_schannel.cpp b/src/plugins/tls/schannel/qtls_schannel.cpp index 2cc92f676b..728e885029 100644 --- a/src/plugins/tls/schannel/qtls_schannel.cpp +++ b/src/plugins/tls/schannel/qtls_schannel.cpp @@ -2422,6 +2422,15 @@ bool TlsCryptographSchannel::verifyCertContext(CERT_CONTEXT *certContext) for (DWORD i = 0; i < verifyDepth; i++) { CERT_CHAIN_ELEMENT *element = chain->rgpElement[i]; QSslCertificate certificate = getCertificateFromChainElement(element); + if (certificate.isNull()) { + const auto &previousCert = !peerCertificateChain.isEmpty() ? peerCertificateChain.last() + : QSslCertificate(); + auto error = QSslError(QSslError::SslError::UnableToGetIssuerCertificate, previousCert); + sslErrors += error; + emit q->peerVerifyError(error); + if (previousCert.isNull() || q->state() != QAbstractSocket::ConnectedState) + return false; + } const QList<QSslCertificateExtension> extensions = certificate.extensions(); #ifdef QSSLSOCKET_DEBUG |
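Review bot: In the new `if (certificate.isNull())` block, the path where `previousCert` is non-null and `q->state()` is still `QAbstractSocket::ConnectedState` does not return, so the loop body carries on with the null `certificate`, starting at `certificate.extensions()`. If continuing is intended, add a short comment saying why the remaining per-certificate checks are safe to run on a null certificate; otherwise end the iteration explicitly (`continue;` or an unconditional `return false;`) so an unparsed chain element is never handled like a parsed one. Two smaller points: `const auto &previousCert = ... ? peerCertificateChain.last() : QSslCertificate();` binds the reference to a temporary copy, because the conditional yields a prvalue, so a plain `const QSslCertificate previousCert` would state what actually happens; and `UnableToGetIssuerCertificate` is raised against the previous certificate although the failure is that this element could not be parsed, which deserves a code comment since only the commit message explains it.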