Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-12 04:45:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bug 550052 - add length check when decoding key usage bit strings. r=dkeeler

Browse Source
This commit is contained in:
Harsh Pathak 2014-06-10 16:56:00 +02:00
parent 06164477b9
commit b22dcd058f
2 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
security/manager/ssl/src/nsNSSCertHelper.cpp
View File

@ -653,7 +653,10 @@ ProcessKeyUsageExtension(SECItem *extData, nsAString &text,
text.Append(local.get());
return NS_OK;
}
unsigned char keyUsage = decoded.data[0];
unsigned char keyUsage = 0;
if (decoded.len) {
keyUsage = decoded.data[0];
}
nsMemory::Free(decoded.data);
if (keyUsage & KU_DIGITAL_SIGNATURE) {
nssComponent->GetPIPNSSBundleString("CertDumpKUSign", local);

6
security/manager/ssl/src/nsNSSCertificate.cpp
View File

@ -258,6 +258,7 @@ GetKeyUsagesString(CERTCertificate* cert, nsINSSComponent* nssComponent,
SECItem keyUsageItem;
keyUsageItem.data = nullptr;
keyUsageItem.len = 0;
SECStatus srv;
@ -273,8 +274,11 @@ GetKeyUsagesString(CERTCertificate* cert, nsINSSComponent* nssComponent,
else
return NS_ERROR_FAILURE;
}
unsigned char keyUsage = 0;
if (keyUsageItem.len) {
keyUsage = keyUsageItem.data[0];
}
unsigned char keyUsage = keyUsageItem.data[0];
nsAutoString local;
nsresult rv;
const char16_t comma = ',';