From 41ef264e88151fa14c870371a04edea1a99b3469 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc=20W=C3=A4ckerlin?= <marc@mrw.sh>
Date: Mon, 5 Sep 2011 08:35:05 +0000
Subject: [PATCH] some bugs fixed; closes #13

---
 src/openssl.hxx | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/openssl.hxx b/src/openssl.hxx
index 7a6b111..93bea71 100644
--- a/src/openssl.hxx
+++ b/src/openssl.hxx
@@ -379,7 +379,8 @@ namespace openssl {
               " certificate the issuer certificate could not be found: this"
               " occurs if the issuer certificate of an untrusted certificate"
               " cannot be found.";
-          case X509_V_ERR_UNABLE_TO_GET_CRL: "X509_V_ERR_UNABLE_TO_GET_CRL:"
+          case X509_V_ERR_UNABLE_TO_GET_CRL:
+            return "X509_V_ERR_UNABLE_TO_GET_CRL:"
               " unable to get certificate CRL the CRL of a certificate could"
               " not be found. Unused.";
           case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
@@ -865,6 +866,10 @@ namespace openssl {
               tag and length in the first two char-fields. */
         unsigned char* c(0);
         int len(i2d_X509(_x509, &c));
+        if (len<15 || len<15+c[14]) {
+          OPENSSL_free(c);
+          return std::string();
+        }
         std::string res((char*)c+15, c[14]);
         OPENSSL_free(c);
         return res;
@@ -1317,7 +1322,7 @@ namespace openssl {
       TCP& write(const std::string& s) {
         OPENSSL_LOG("log");
         if (_bio<=0) throw tcp_closed_connection();
-        int x(BIO_write(_bio, s.begin().operator->(), s.size()));
+        unsigned int x(BIO_write(_bio, s.begin().operator->(), s.size()));
         if (x<=0)
           if (BIO_should_retry(_bio)) return write(s);
           else {