Improve cert file parsing
Add error handling for empty PEM data bytes slice scenario
that can occur when evaluating an effectively empty
certificate file.

refs smallstep/certinfo#38
atc0005 committed Nov 14, 2023
1 parent 9147fe6 commit 6fb01b9
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions internal/certs/certs.go
Expand Up @@ -297,10 +297,15 @@ func GetCertsFromFile(filename string) ([]*x509.Certificate, []byte, error) {
// Grab the first PEM formatted block in our PEM cert file data.
block, rest := pem.Decode(pemData)

// we should get something on the first attempt
if block == nil {
switch {
case block == nil:
return nil, nil, fmt.Errorf(
"failed to decode %s as PEM formatted certificate file; potentially malformed certificate",
filename,
)
case len(block.Bytes) == 0:
return nil, nil, fmt.Errorf(
"failed to decode %s as PEM formatted certificate file",
"failed to decode %s as PEM formatted certificate file; potentially empty certificate file",
filename,
)
}
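Review bot: The two error messages in the new `switch` do not line up with the inputs that reach each case. `pem.Decode` returns a nil block when it finds no PEM armor at all, so a zero-byte or whitespace-only file lands in `case block == nil` and is reported as "potentially malformed certificate", while `case len(block.Bytes) == 0` only fires when BEGIN/END lines are present around an empty body, which is reported as "potentially empty certificate file". Consider checking `len(pemData) == 0` before decoding so a truly empty file gets its own message, and wording the second case as an empty PEM block rather than an empty file. The old comment above the check is dropped without a replacement; a one-line comment on each case saying which input shape it covers would help the next reader. The visible lines also do not check `block.Type`, so if that is not validated further down, a non-certificate PEM block with a non-empty body passes both cases.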