From 8ac48890e98a4974980b8ca3d5e90a2e52c1a624 Mon Sep 17 00:00:00 2001
From: Benjamin Barenblat <bbaren@google.com>
Date: Fri, 28 Sep 2018 18:31:33 -0400
Subject: Make NID-to-string routine safer

Eliminate the possibility of a null pointer dereference by converting
short names to `Maybe String`.
---
 src/BTLS/BoringSSL/Obj.chs | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'src/BTLS/BoringSSL/Obj.chs')

diff --git a/src/BTLS/BoringSSL/Obj.chs b/src/BTLS/BoringSSL/Obj.chs
index a337ad5..7e132e7 100644
--- a/src/BTLS/BoringSSL/Obj.chs
+++ b/src/BTLS/BoringSSL/Obj.chs
@@ -16,8 +16,15 @@ module BTLS.BoringSSL.Obj
   ( objNID2SN
   ) where
 
-import Foreign.C (CString)
+import Foreign (nullPtr)
+import Foreign.C (CString, peekCString)
 
 #include <openssl/obj.h>
 
-{#fun pure OBJ_nid2sn as objNID2SN {`Int'} -> `CString'#}
+{#fun pure OBJ_nid2sn as objNID2SN
+  {`Int'} -> `Maybe String' peekCStringOrNull*#}
+
+peekCStringOrNull :: CString -> IO (Maybe String)
+peekCStringOrNull ptr
+  | ptr == nullPtr = return Nothing
+  | otherwise      = Just <$> peekCString ptr
-- 
cgit v1.2.3