diff options
author | nelsonb%netscape.com <devnull@localhost> | 2003-11-06 02:02:32 +0000 |
---|---|---|
committer | nelsonb%netscape.com <devnull@localhost> | 2003-11-06 02:02:32 +0000 |
commit | cc57dab4d622d99322b8f2322923acdb7d43cc93 (patch) | |
tree | ca48a1aa00f88db96d80235e5d51ed17e56dc8f4 | |
parent | 9fffb100c2b7d43aa6a31138cb6a18abca09b0f3 (diff) | |
download | nss-hg-cc57dab4d622d99322b8f2322923acdb7d43cc93.tar.gz |
Fix some bugs in the code that formats OIDs for printing.
Bugscape bug 53334.
-rw-r--r-- | security/nss/lib/certdb/alg1485.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/security/nss/lib/certdb/alg1485.c b/security/nss/lib/certdb/alg1485.c index 74bbb7d85..f1a450f47 100644 --- a/security/nss/lib/certdb/alg1485.c +++ b/security/nss/lib/certdb/alg1485.c @@ -548,10 +548,15 @@ CERT_GetOidString(const SECItem *oid) PRUint8 *end; PRUint8 *d; PRUint8 *e; - char *a; + char *a = NULL; char *b; - a = (char *)NULL; +#define MAX_OID_LEN 1024 /* bytes */ + + if (oid->len > MAX_OID_LEN) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return NULL; + } /* d will point to the next sequence of bytes to decode */ d = (PRUint8 *)oid->data; @@ -670,6 +675,8 @@ AppendAVA(stringBuf *bufp, CERTAVA *ava) } else { /* handle unknown attribute types per RFC 2253 */ tagName = unknownTag = CERT_GetOidString(&ava->type); + if (!tagName) + return SECFailure; } maxLen = n2k->maxLen; @@ -690,6 +697,7 @@ AppendAVA(stringBuf *bufp, CERTAVA *ava) /* Check value length */ if (avaValue->len > maxLen) { if (unknownTag) PR_smprintf_free(unknownTag); + SECITEM_FreeItem(avaValue, PR_TRUE); PORT_SetError(SEC_ERROR_INVALID_AVA); return SECFailure; } @@ -697,6 +705,7 @@ AppendAVA(stringBuf *bufp, CERTAVA *ava) len = PORT_Strlen(tagName); if (len+1 > sizeof(tmpBuf)) { if (unknownTag) PR_smprintf_free(unknownTag); + SECITEM_FreeItem(avaValue, PR_TRUE); PORT_SetError(SEC_ERROR_OUTPUT_LEN); return SECFailure; } |