Commit 08cb175a authored by Daniel P. Berrangé's avatar Daniel P. Berrangé
Browse files

crypto: avoid passing NULL to access() syscall 



The qcrypto_tls_creds_x509_sanity_check() checks whether
certs exist by calling access(). It is valid for this
method to be invoked with certfile==NULL though, since
for client credentials the cert is optional. This caused
it to call access(NULL), which happens to be harmless on
current Linux, but should none the less be avoided.

Signed-off-by: default avatarDaniel P. Berrange <berrange@redhat.com>
parent 7b35030e

crypto/tlscredsx509.c

+2 −1
Original line number Diff line number Diff line
@@ -485,7 +485,8 @@ qcrypto_tls_creds_x509_sanity_check(QCryptoTLSCredsX509 *creds, 
    int ret = -1;



    memset(cacerts, 0, sizeof(cacerts));

    if (access(certFile, R_OK) == 0) {

    if (certFile &&

        access(certFile, R_OK) == 0) {

        cert = qcrypto_tls_creds_load_cert(creds,

                                           certFile, isServer,

                                           errp);