X-Git-Url: https://bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=tools%2Ffiles.c;h=8bf67cc3b4f3c169e573a59f3647db9e309f185d;hp=21c81660f973c122a5c6e97249978166d3179ddd;hb=d8fa415fcabecb7d7c8461d8edbe2f265911e72c;hpb=133705ee65f12c50698a6d8ae734681f4f48019f

diff --git a/tools/files.c b/tools/files.c
index 21c8166..8bf67cc 100644
--- a/tools/files.c
+++ b/tools/files.c
@@ -171,6 +171,7 @@ decode_pem(const void *src, size_t len, size_t *num)
 	const unsigned char *buf;
 	bvector bv = VEC_INIT;
 	int inobj;
+	int extra_nl;
 
 	*num = 0;
 	br_pem_decoder_init(&pc);
@@ -179,6 +180,7 @@ decode_pem(const void *src, size_t len, size_t *num)
 	po.name = NULL;
 	po.data = NULL;
 	po.data_len = 0;
+	extra_nl = 1;
 	while (len > 0) {
 		size_t tlen;
 
@@ -214,6 +216,19 @@ decode_pem(const void *src, size_t len, size_t *num)
 			VEC_CLEAREXT(pem_list, &free_pem_object_contents);
 			return NULL;
 		}
+
+		/*
+		 * We add an extra newline at the end, in order to
+		 * support PEM files that lack the newline on their last
+		 * line (this is somwehat invalid, but PEM format is not
+		 * standardised and such files do exist in the wild, so
+		 * we'd better accept them).
+		 */
+		if (len == 0 && extra_nl) {
+			extra_nl = 0;
+			buf = (const unsigned char *)"\n";
+			len = 1;
+		}
 	}
 	if (inobj) {
 		fprintf(stderr, "ERROR: unfinished PEM object\n");
@@ -300,3 +315,15 @@ read_certificates(const char *fname, size_t *num)
 	VEC_CLEAR(cert_list);
 	return xcs;
 }
+
+/* see brssl.h */
+void
+free_certificates(br_x509_certificate *certs, size_t num)
+{
+	size_t u;
+
+	for (u = 0; u < num; u ++) {
+		xfree(certs[u].data);
+	}
+	xfree(certs);
+}