#3899: mutt_ssl's interactive_check_cert() has several issues
-----------------------+----------------------
Reporter: kevin8t8 | Owner: mutt-dev
Type: defect | Status: closed
Priority: major | Milestone:
Component: crypto | Version:
Resolution: fixed | Keywords:
-----------------------+----------------------
Comment (by derekmartin):
If I were going to take the time to make this code "nice" I would write a
function that takes a MUTTMENU *, and some sprintf-like arguments, and
allocates whatever memory is needed a la snprintf() [Sorry for the lack of
accents Vincent, hard to type them here.] :)
Then nearly all of interactive_check_cert() goes away, and is replaced
with code like:
{{{
mutt_menu_add_row(menu, "%s", _("This certificate belongs to:"));
mutt_menu_add_row(menu, " %s", x509_get_part(issuer,
NID_commonName));
[...]
}}}
The cert field bits would still make sense to put in a helper function
since there is the issuer and the subject, and they use the same fields.
It would essentially be the same as the helper I already wrote except
replace calls to snprintf() with calls to mutt_menu_add_row(). No
counting, no macros, just simple, straightforward, bug-free code.
For what it's worth, also note that in the current checked-in version of
the function, none of the calls to snprintf() are checked. This is
probably OK since I don't believe any of the fields can be longer than
that, but it is not robust. Rows which exceed the size of SHORT_STRING
would therefore not be added to the menu, resulting in either a corrupted
or truncated dialog. That is, the row in question would be skipped and
its corresponding SHORT_STRING would be filled with NULLs.
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3899#comment:30>
Mutt <http://www.mutt.org/>
The Mutt mail user agent