Review of X509-related code

[GoogleCodeExporter]

This is not a bug, but a proposed patch.

This patch concerns certificate-related code in helper.c, kad_contacts.c, and 
x509_flat.c.

Lines 314,363, and 500 fix present bugs: uninitialized memory, memory leak, 
NULL pointer dereference.

The rest is hardening against future potential memory bugs. Calls to malloc() 
are hardened against potential integer overflows. Whenever possible, 
free_X509_flat() should now be used without hesitation (no fear of double-free, 
etc.), and all related pointers should be initialized to NULL.

Compiles cleanly, but not tested.

Copyright dedicated to the original authors of phantom.

Original issue reported on code.google.com by mansourm...@gmail.com on 6 Apr 2011 at 1:06

[GoogleCodeExporter]

Thank you for your interest in Phantom and your patch.

Original comment by spjss...@gmail.com on 6 Apr 2011 at 7:21

• Changed state: Started

[GoogleCodeExporter]

Patch applied.

Original comment by spjss...@gmail.com on 6 Apr 2011 at 7:22

• Changed state: Fixed

[GoogleCodeExporter]

Oops, the previous patch had a couple mistakes in it (SIZE_MAX and fscanf). How 
embarrassing... Should be fixed now.

Original comment by mansourm...@gmail.com on 11 Apr 2011 at 8:57

Attachments:

• x509.patch

[GoogleCodeExporter]

Thank you for this excellent project. The protocol and implementation are both 
very interesting.

Original comment by mansourm...@gmail.com on 11 Apr 2011 at 8:59

[GoogleCodeExporter]

Thank you for your updated patch. I wil ltry to find some time to set up a 
Phantom testing environment again so I can catch those errors next time 
hopefully.

Original comment by spjss...@gmail.com on 12 Apr 2011 at 4:22

[GoogleCodeExporter]

Thank you for your updated patch. I wil ltry to find some time to set up a 
Phantom testing environment again so I can catch those errors next time 
hopefully.

Original comment by spjss...@gmail.com on 12 Apr 2011 at 4:23