square / certigo

A utility to examine and validate certificates in a variety of formats
Apache License 2.0

certigo connect dereferences nil when using Postgres StartTLS #234

Closed elyscape closed 3 years ago

elyscape commented 3 years ago

When trying to use certigo connect -t postgres, the following happens:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x13d95d3]
goroutine 1 [running]:
github.com/square/certigo/starttls.GetConnectionState(0x7ffeefbff963, 0x4, 0x0, 0x0, 0x7ffeefbff968, 0xe, 0x150977e, 0x7, 0x0, 0x0, ...)
    /private/tmp/certigo-20200303-20580-1o9foqt/certigo-1.12.1/starttls/starttls.go:258 +0x3b3
github.com/square/certigo/cli.Run(0xc0000200b0, 0x4, 0x4, 0x15c2ce0, 0xc0000101e8, 0x0)
    /private/tmp/certigo-20200303-20580-1o9foqt/certigo-1.12.1/cli/cli.go:131 +0xbb4
main.main()
    /private/tmp/certigo-20200303-20580-1o9foqt/certigo-1.12.1/main.go:27 +0xae

This is because the final return statement of starttls.GetConnectionState dereferences cri (a double-pointer), which unfortunately is never initialized when using Postgres StartTLS. In theory this could also happen above during the check for old versions of TLS, but I haven't tested that codepath.
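The failure mode described in this report, as an added Go example that is not part of the original issue and is not certigo's code: a double pointer assigned only on some protocol branches and dereferenced in the final return, next to one possible hardening. The function names `stateBuggy`, `stateHardened` and `panics`, and the branch layout, are assumptions made for illustration.

```go
package main

import (
	"crypto/tls"
	"fmt"
)

// stateBuggy is a constructed stand-in, not certigo's code: cri is a double
// pointer that only some branches assign, and the final return dereferences it.
func stateBuggy(proto string) (*tls.CertificateRequestInfo, error) {
	var cri **tls.CertificateRequestInfo
	switch proto {
	case "tls":
		captured := &tls.CertificateRequestInfo{}
		cri = &captured
	case "postgres": // StartTLS upgrade would happen here; cri is never assigned
	default:
		return nil, fmt.Errorf("unknown protocol %q", proto)
	}
	return *cri, nil // nil pointer dereference when cri == nil
}

// stateHardened points cri at a valid (possibly nil) inner pointer before any
// branch runs, so the final dereference is safe on every path.
func stateHardened(proto string) (*tls.CertificateRequestInfo, error) {
	var captured *tls.CertificateRequestInfo
	cri := &captured
	switch proto {
	case "tls":
		captured = &tls.CertificateRequestInfo{}
	case "postgres": // nothing captured; the inner pointer stays nil
	default:
		return nil, fmt.Errorf("unknown protocol %q", proto)
	}
	return *cri, nil
}

// panics reports whether f panics, so the crash can be observed safely.
func panics(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return false
}

func main() {
	fmt.Println("buggy postgres panics:", panics(func() { stateBuggy("postgres") }))
	fmt.Println(stateHardened("postgres"))
}
```

A table-driven test that calls the function once per supported protocol value would catch an unassigned branch like this before release.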

elyscape commented 3 years ago

@mbyczkowski Any chance of a new release with the fix for this issue included?

mbyczkowski commented 2 years ago

@elyscape sorry it took a while, but we just released a new version of certigo.