From d8fb8d92168279d2df1d86ba1cb474d66829a8e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrien=20B=C3=A9raud?= <adrien.beraud@savoirfairelinux.com>
Date: Thu, 7 Dec 2023 10:08:38 -0500
Subject: [PATCH] certstore: avoid accessing invalid iterator
In the else branch, `s` is always an invalid iterator.
Use `us` instead.
Change-Id: Ib517dce22f3bde103f753b325e919f86db299623
---
src/security/certstore.cpp | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/src/security/certstore.cpp b/src/security/certstore.cpp
index 0c2f0e8..8bd9236 100644
--- a/src/security/certstore.cpp
+++ b/src/security/certstore.cpp
@@ -604,12 +604,14 @@ TrustStore::getCertificateStatus(const std::string& cert_id) const
auto cert = certStore_.getCertificate(cert_id);
if (!cert)
return PermissionStatus::UNDEFINED;
- auto allowed = false; auto found = false;
+ auto allowed = false;
+ auto found = false;
while (cert) {
auto s = certStatus_.find(cert->getId().toString());
if (s != std::end(certStatus_)) {
if (!found) {
- found = true; allowed = true; // we need to find at least a certificate
+ found = true;
+ allowed = true; // we need to find at least a certificate
}
allowed &= s->second.second.allowed;
if (!allowed)
@@ -618,10 +620,11 @@ TrustStore::getCertificateStatus(const std::string& cert_id) const
auto us = unknownCertStatus_.find(cert->getId().toString());
if (us != std::end(unknownCertStatus_)) {
if (!found) {
- found = true; allowed = true; // we need to find at least a certificate
+ found = true;
+ allowed = true; // we need to find at least a certificate
}
- allowed &= s->second.second.allowed;
- if (!us->second.allowed)
+ allowed &= us->second.allowed;
+ if (!allowed)
return PermissionStatus::BANNED;
}
}
--
GitLab