From a96756b0b6b902c8902839c6b1804d42fef77c4e Mon Sep 17 00:00:00 2001
From: Andrew <36489577+recvfrom@users.noreply.github.com>
Date: Wed, 13 Feb 2019 17:19:47 -0500
Subject: [PATCH] Copy cert name for debug prints; fail better

Fail better if calling crtmgr_add fails when adding an embedded certificate bc it matched a whitelist entry
---
 libclamav/asn1.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/libclamav/asn1.c b/libclamav/asn1.c
index d9f4dd1ad..79b1e46f2 100644
--- a/libclamav/asn1.c
+++ b/libclamav/asn1.c
@@ -1615,6 +1615,10 @@ static cl_error_t asn1_parse_mscat(struct cl_engine *engine, fmap_t *map, size_t
 if (NULL != (crt = crtmgr_whitelist_lookup(cmgr, x509, 1))) {
 cli_crt *tmp = x509->next;
 cli_dbgmsg("asn1_parse_mscat: Directly whitelisting embedded cert based on %s\n", (crt->name ? crt->name : "(no name)"));
+ if (cli_debug_flag && crt->name) {
+ // Copy the name from the CRB entry for printing below
+ x509->name = strdup(crt->name);
+ }
 if (crtmgr_add(cmgr, x509)) {
 cli_dbgmsg("asn1_parse_mscat: adding x509 cert to crtmgr failed\n");
 break;
@@ -1626,6 +1630,10 @@ static cl_error_t asn1_parse_mscat(struct cl_engine *engine, fmap_t *map, size_t
 x509 = x509->next;
 }
+ if (x509) {
+ crtmgr_free(&newcerts);
+ break;
+ }
 x509 = newcerts.crts;
 /* Now look for cases where embedded certs can be trusted
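Review bot: In the added `x509->name = strdup(crt->name);` the result of strdup() is not checked, and any name x509 already holds would be overwritten and leaked. Whether x509->name can already be set at this point is not visible in the hunk, so check it against the certificate parser. The copy is also made only when cli_debug_flag is set, so the entry handed to crtmgr_add differs between debug and normal runs, which makes trust-store problems harder to reproduce. I would guard with `if (cli_debug_flag && crt->name && !x509->name) {` and extend the comment to say that the copy is debug-only and which call releases it. The body of asn1_parse_mscat starts and ends outside the hunk.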
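Review bot: The added `if (x509)` test after the loop uses a non-NULL x509 as the failure signal, which holds only while the crtmgr_add failure `break` is the loop's sole early exit. That contract is implicit and should be stated, e.g. `/* x509 != NULL: the loop above stopped early because crtmgr_add failed; drop the parsed certs and give up */`. The hunk does not show what status asn1_parse_mscat returns after this `break`. Confirm it reports an error there, so that later trust decisions are not made with a certificate set that is missing the whitelisted entry. The loop header and the construct this `break` exits are both outside the hunk.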