Wrong Error Check position in function SSL_get_peer_certificate()

[lc3412]

Hi,
Function SSL_get_peer_certificate() returns a pointer to an X509 certificate on success or NULL on error. However, the function SSL_get_peer_certificate() in irssi/src/core/network-openssl.c didn't check the return value is NULL or not, before passing the return value as an argument to the function X509_get_X509_PUBKEY(). See the following details:

=================================================================================

X509_get_X509_PUBKEY() doesn't check the argument which is the return value of function SSL_get_peer_certificate() is NULL or not before using it.

Ref: https://github.com/openssl/openssl/blob/master/crypto/x509/x509_set.c

=================================================================================

Anyhow, the safest behavior is checking the return value of function SSL_get_peer_certificate() first , then passing the return value as an argument to function X509_get_X509_PUBKEY(). See the following details:

cert = SSL_get_peer_certificate(chan->ssl);
if (cert == NULL) {
g_warning("TLS server supplied no certificate");
ret = 0;
goto done;
}
pubkey = X509_get_X509_PUBKEY(cert);

=================================================================================

Chi Li, Zuxing Gu, Jiecheng Wu

[ailin-nemui]

@lc3412 please improve your issue reporting by using github's source code links instead of screenshots

example:
https://github.com/irssi/irssi/blob/a7af259dd1ded503460458bf8042c47060fa153d/src/core/network-openssl.c#L857-L863

also code block your examples with

```

while you're at it, why not submit Pull Requests fixing the issue instead?

[lc3412]

Thanks for your suggestion. I will submit PR as soon as possible.