Detect NULL arguments to CERT_DecodeTrustString instead of crashing.

Bug 235617. r=wtc.
2024-10-10 03:45:46 +00:00 · 2004-02-26 00:05:29 +00:00 · 2004-02-26 00:05:29 +00:00 · a74bbe4b09
commit a74bbe4b09
parent 185cbfd645
1 changed files with 9 additions and 1 deletions
--- a/security/nss/lib/certdb/certdb.c
+++ b/security/nss/lib/certdb/certdb.c
@ -34,7 +34,7 @@
 /*
 * Certificate handling code
 *
- * $Id: certdb.c,v 1.63 2004/02/07 01:41:15 wchang0222%aol.com Exp $
+ * $Id: certdb.c,v 1.64 2004/02/26 00:05:29 nelsonb%netscape.com Exp $
 */

 #include "nssilock.h"
@ -2014,9 +2014,17 @@ CERT_DecodeTrustString(CERTCertTrust *trust, char *trusts)
    unsigned int i;
    unsigned int *pflags;
    
+    if (!trust) {
+	PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	return SECFailure;
+    }
    trust->sslFlags = 0;
    trust->emailFlags = 0;
    trust->objectSigningFlags = 0;
+    if (!trusts) {
+	PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	return SECFailure;
+    }

    pflags = &trust->sslFlags;