Make NID-to-string routine safer

Eliminate the possibility of a null pointer dereference by converting
short names to `Maybe String`.

2 files changed, 11 insertions, 8 deletions

diff --git a/src/BTLS/BoringSSL/Obj.chs b/src/BTLS/BoringSSL/Obj.chs
index a337ad5..7e132e7 100644
--- a/src/BTLS/BoringSSL/Obj.chs
+++ b/src/BTLS/BoringSSL/Obj.chs
@@ -16,8 +16,15 @@ module BTLS.BoringSSL.Obj
   ( objNID2SN
   ) where
 
-import Foreign.C (CString)
+import Foreign (nullPtr)
+import Foreign.C (CString, peekCString)
 
 #include <openssl/obj.h>
 
-{#fun pure OBJ_nid2sn as objNID2SN {`Int'} -> `CString'#}
+{#fun pure OBJ_nid2sn as objNID2SN
+  {`Int'} -> `Maybe String' peekCStringOrNull*#}
+
+peekCStringOrNull :: CString -> IO (Maybe String)
+peekCStringOrNull ptr
+  | ptr == nullPtr = return Nothing
+  | otherwise      = Just <$> peekCString ptr
diff --git a/src/BTLS/Types.hs b/src/BTLS/Types.hs
index 7a821f8..03f9083 100644
--- a/src/BTLS/Types.hs
+++ b/src/BTLS/Types.hs
@@ -14,9 +14,7 @@
 
 module BTLS.Types where
 
-import Foreign (Ptr, nullPtr)
-import Foreign.C (peekCString)
-import Foreign.Marshal.Unsafe (unsafeLocalState)
+import Foreign (Ptr)
 
 import BTLS.BoringSSL.Base (EVPMD)
 import BTLS.BoringSSL.Digest (evpMDType)
@@ -29,6 +27,4 @@ instance Eq Algorithm where
   Algorithm a == Algorithm b = evpMDType a == evpMDType b
 
 instance Show Algorithm where
-  show (Algorithm md) =
-    let sn = objNID2SN (evpMDType md) in
-    if sn == nullPtr then "<algorithm>" else unsafeLocalState (peekCString sn)
+  show (Algorithm md) = maybe "<algorithm>" id (objNID2SN (evpMDType md))