nss/patches/nsspem-596674.patch

   1 diff -up a/mozilla/security/nss/lib/ckfw/pem/pinst.c.596783 b/mozilla/security/nss/lib/ckfw/pem/pinst.c
   2 --- a/mozilla/security/nss/lib/ckfw/pem/pinst.c.596783  2010-06-06 18:27:27.256318318 -0700
   3 +++ b/mozilla/security/nss/lib/ckfw/pem/pinst.c 2010-06-06 20:45:28.158442982 -0700
   4 @@ -151,7 +151,7 @@ GetCertFields(unsigned char *cert, int c
   5      buf = issuer->data + issuer->len;
   6
   7      /* only wanted issuer/SN */
   8 -    if (valid == NULL) {
   9 +    if (subject == NULL || valid == NULL || subjkey == NULL) {
  10          return SECSuccess;
  11      }
  12      /* validity */
  13 @@ -219,53 +219,93 @@ CreateObject(CK_OBJECT_CLASS objClass,
  14          memset(&o->u.trust, 0, sizeof(o->u.trust));
  15          break;
  16      }
  17 +
  18 +    o->nickname = (char *) nss_ZAlloc(NULL, strlen(nickname) + 1);
  19 +    if (o->nickname == NULL)
  20 +        goto fail;
  21 +    strcpy(o->nickname, nickname);
  22 +
  23 +    sprintf(id, "%d", objid);
  24 +    len = strlen(id) + 1;       /* zero terminate */
  25 +    o->id.data = (void *) nss_ZAlloc(NULL, len);
  26 +    if (o->id.data == NULL)
  27 +        goto fail;
  28 +    (void) nsslibc_memcpy(o->id.data, id, len);
  29 +    o->id.size = len;
  30 +
  31      o->objClass = objClass;
  32      o->type = type;
  33      o->slotID = slotID;
  34 +
  35      o->derCert = nss_ZNEW(NULL, SECItem);
  36 +    if (o->derCert == NULL)
  37 +        goto fail;
  38      o->derCert->data = (void *) nss_ZAlloc(NULL, certDER->len);
  39 +    if (o->derCert->data == NULL)
  40 +        goto fail;
  41      o->derCert->len = certDER->len;
  42      nsslibc_memcpy(o->derCert->data, certDER->data, certDER->len);
  43
  44      switch (objClass) {
  45      case CKO_CERTIFICATE:
  46      case CKO_NETSCAPE_TRUST:
  47 -        GetCertFields(o->derCert->data,
  48 -                      o->derCert->len, &issuer, &serial,
  49 -                      &derSN, &subject, &valid, &subjkey);
  50 +        if (SECSuccess != GetCertFields(o->derCert->data, o->derCert->len,
  51 +                                        &issuer, &serial, &derSN, &subject,
  52 +                                        &valid, &subjkey))
  53 +            goto fail;
  54
  55          o->u.cert.subject.data = (void *) nss_ZAlloc(NULL, subject.len);
  56 +        if (o->u.cert.subject.data == NULL)
  57 +            goto fail;
  58          o->u.cert.subject.size = subject.len;
  59          nsslibc_memcpy(o->u.cert.subject.data, subject.data, subject.len);
  60
  61          o->u.cert.issuer.data = (void *) nss_ZAlloc(NULL, issuer.len);
  62 +        if (o->u.cert.issuer.data == NULL) {
  63 +            nss_ZFreeIf(o->u.cert.subject.data);
  64 +            goto fail;
  65 +        }
  66          o->u.cert.issuer.size = issuer.len;
  67          nsslibc_memcpy(o->u.cert.issuer.data, issuer.data, issuer.len);
  68
  69          o->u.cert.serial.data = (void *) nss_ZAlloc(NULL, serial.len);
  70 +        if (o->u.cert.serial.data == NULL) {
  71 +            nss_ZFreeIf(o->u.cert.issuer.data);
  72 +            nss_ZFreeIf(o->u.cert.subject.data);
  73 +            goto fail;
  74 +        }
  75          o->u.cert.serial.size = serial.len;
  76          nsslibc_memcpy(o->u.cert.serial.data, serial.data, serial.len);
  77          break;
  78      case CKO_PRIVATE_KEY:
  79          o->u.key.key.privateKey = nss_ZNEW(NULL, SECItem);
  80 +        if (o->u.key.key.privateKey == NULL)
  81 +            goto fail;
  82          o->u.key.key.privateKey->data =
  83              (void *) nss_ZAlloc(NULL, keyDER->len);
  84 +        if (o->u.key.key.privateKey->data == NULL) {
  85 +            nss_ZFreeIf(o->u.key.key.privateKey);
  86 +            goto fail;
  87 +        }
  88          o->u.key.key.privateKey->len = keyDER->len;
  89          nsslibc_memcpy(o->u.key.key.privateKey->data, keyDER->data,
  90                         keyDER->len);
  91      }
  92
  93 -    o->nickname = (char *) nss_ZAlloc(NULL, strlen(nickname) + 1);
  94 -    strcpy(o->nickname, nickname);
  95 -
  96 -    sprintf(id, "%d", objid);
  97 -
  98 -    len = strlen(id) + 1;       /* zero terminate */
  99 -    o->id.data = (void *) nss_ZAlloc(NULL, len);
 100 -    (void) nsslibc_memcpy(o->id.data, id, len);
 101 -    o->id.size = len;
 102
 103      return o;
 104 +
 105 +fail:
 106 +    if (o) {
 107 +        if (o->derCert) {
 108 +            nss_ZFreeIf(o->derCert->data);
 109 +            nss_ZFreeIf(o->derCert);
 110 +        }
 111 +        nss_ZFreeIf(o->id.data);
 112 +        nss_ZFreeIf(o->nickname);
 113 +        nss_ZFreeIf(o);
 114 +    }
 115 +    return NULL;
 116  }
 117
 118  pemInternalObject *
 119 @@ -306,6 +346,8 @@ AddObjectIfNeeded(CK_OBJECT_CLASS objCla
 120      /* object not found, we need to create it */
 121      pemInternalObject *io = CreateObject(objClass, type, certDER, keyDER,
 122                                           filename, objid, slotID);
 123 +    if (io == NULL)
 124 +        return NULL;
 125
 126      io->gobjIndex = count;
 127