Exception happens during dump cert
Curl wants to dump a certificate from cert chain. But the certificate string doesn't have "\0" at the end(OpenSSL returned the starting address and the length of the cert). So the exception happens during do strlen() operation.
The problem is introduced from Curl 7.32.0. Checked the codes in Curl7.33.0. The problem should not be fixed in the latest version.
Function call steps about dumpcert:
static void dumpcert(struct SessionHandle data, X509 x, int numcert) // Ssluse.c
--> Curl_ssl_push_certinfo_len(data, numcert, "Cert", biomem->data, biomem->length); // Sslgen.c
// biomem->data is the starting address of certificate.
// biomem->length is the length of certificate.
--> curl_maprintf("%s:%.s", label, valuelen, value); // Mprinft.c
// valuelen is the length of certificate.
// value is the starting address of certificate.
--> dprintf_formatf(&info, alloc_addbyter, format, ap_save); // Mprinft.c
str = (char ) p->data.str; // "str" is the starting address of certificate.
len = strlen(str); // If the "str" is not terminate with "\0", an exception maybe happens.
strlen() pops up exception in my core dump.
Crul version: 7.32.0
OpenSSL version: 1.0.1e
Platform: Win7 X86