summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authornelsonb%netscape.com <devnull@localhost>2005-04-11 02:52:01 +0000
committernelsonb%netscape.com <devnull@localhost>2005-04-11 02:52:01 +0000
commitb508cb1d44c1929500784558fb717511dae1bf63 (patch)
tree5b8bad6d880e8b238cb819e14b20a7c4adafd093
parentabe96aa7fa61506a8510c7f8cad3903e37bf5a58 (diff)
downloadnss-hg-b508cb1d44c1929500784558fb717511dae1bf63.tar.gz
Report correct error code when input cert file contains extra stuff.
bug 289819. r=julien.pierre
-rw-r--r--security/nss/lib/pkcs7/certread.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/security/nss/lib/pkcs7/certread.c b/security/nss/lib/pkcs7/certread.c
index b3955eff4..4887d26b8 100644
--- a/security/nss/lib/pkcs7/certread.c
+++ b/security/nss/lib/pkcs7/certread.c
@@ -42,6 +42,7 @@
#include "secder.h"
#include "secasn1.h"
#include "secoid.h"
+#include "secerr.h"
SEC_ASN1_MKSUB(SEC_AnyTemplate)
@@ -348,6 +349,10 @@ CERT_DecodeCertPackage(char *certbuf,
/* check entire length if definite length */
if ( seqLen || seqLenLen ) {
if ( certlen != ( seqLen + seqLenLen + 2 ) ) {
+ if (certlen > ( seqLen + seqLenLen + 2 ))
+ PORT_SetError(SEC_ERROR_EXTRA_INPUT);
+ else
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
goto notder;
}
}