From c57ebf917e30afd78dac8042552966811531c632 Mon Sep 17 00:00:00 2001
From: Nikias Bassen
Date: Tue, 28 Jul 2009 14:59:07 +0200
Subject: Fix potential memory corruption in calls to gnutls function on 64 bit
 arch

[#60 state:resolved]

Signed-off-by: Matt Colyer <matt@colyer.name>
---
 src/lockdown.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'src/lockdown.c')

diff --git a/src/lockdown.c b/src/lockdown.c
index bc430c9..88ab7b0 100644
--- a/src/lockdown.c
+++ b/src/lockdown.c
@@ -954,10 +954,12 @@ lockdownd_error_t lockdownd_gen_pair_cert(gnutls_datum_t public_key, gnutls_datu
 
 				if (LOCKDOWN_E_SUCCESS == ret) {
 					/* if everything went well, export in PEM format */
+					size_t export_size = 0;
 					gnutls_datum_t dev_pem = { NULL, 0 };
-					gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &dev_pem.size);
-					dev_pem.data = gnutls_malloc(dev_pem.size);
-					gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_pem.data, &dev_pem.size);
+					gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &export_size);
+					dev_pem.data = gnutls_malloc(export_size);
+					gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_pem.data, &export_size);
+					dev_pem.size = export_size;
 
 					gnutls_datum_t pem_root_cert = { NULL, 0 };
 					gnutls_datum_t pem_host_cert = { NULL, 0 };
-- 
cgit v1.1-32-gdbae