diff options
| author | ian.mcgreer%sun.com <devnull@localhost> | 2002-02-13 21:09:15 +0000 |
|---|---|---|
| committer | ian.mcgreer%sun.com <devnull@localhost> | 2002-02-13 21:09:15 +0000 |
| commit | 570087d31c132ed69e9f22bc55b4a1c7ea0697ed (patch) | |
| tree | dfa741e2c3b80b89e9ff87392b17df996805775b | |
| parent | 39b657369083304673a7dd12f444eac94a91ba49 (diff) | |
| download | nss-hg-570087d31c132ed69e9f22bc55b4a1c7ea0697ed.tar.gz | |
bug 125165, don't crash when the softoken fails to return attributes for a cert object
| -rw-r--r-- | security/nss/lib/dev/devobject.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/security/nss/lib/dev/devobject.c b/security/nss/lib/dev/devobject.c index 074879e65..2c9369652 100644 --- a/security/nss/lib/dev/devobject.c +++ b/security/nss/lib/dev/devobject.c @@ -365,6 +365,17 @@ get_token_cert NSS_CK_ATTRIBUTE_TO_UTF8(&cert_template[5], rvCert->nickname); NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[6], &rvCert->subject); NSS_CK_ATTRIBUTE_TO_UTF8(&cert_template[7], rvCert->email); + /* XXX this would be better accomplished by dividing attributes to + * retrieve into "required" and "optional" + */ + if (rvCert->encoding.size == 0 || + rvCert->issuer.size == 0 || + rvCert->serial.size == 0 || + rvCert->subject.size == 0) + { + /* received a bum object from the token */ + goto loser; + } #ifdef NSS_3_4_CODE /* nss 3.4 database doesn't associate email address with cert */ if (!rvCert->email) { |