diff options
author | nelsonb%netscape.com <devnull@localhost> | 2005-04-11 02:52:01 +0000 |
---|---|---|
committer | nelsonb%netscape.com <devnull@localhost> | 2005-04-11 02:52:01 +0000 |
commit | b508cb1d44c1929500784558fb717511dae1bf63 (patch) | |
tree | 5b8bad6d880e8b238cb819e14b20a7c4adafd093 | |
parent | abe96aa7fa61506a8510c7f8cad3903e37bf5a58 (diff) | |
download | nss-hg-b508cb1d44c1929500784558fb717511dae1bf63.tar.gz |
Report correct error code when input cert file contains extra stuff.
bug 289819. r=julien.pierre
-rw-r--r-- | security/nss/lib/pkcs7/certread.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/security/nss/lib/pkcs7/certread.c b/security/nss/lib/pkcs7/certread.c index b3955eff4..4887d26b8 100644 --- a/security/nss/lib/pkcs7/certread.c +++ b/security/nss/lib/pkcs7/certread.c @@ -42,6 +42,7 @@ #include "secder.h" #include "secasn1.h" #include "secoid.h" +#include "secerr.h" SEC_ASN1_MKSUB(SEC_AnyTemplate) @@ -348,6 +349,10 @@ CERT_DecodeCertPackage(char *certbuf, /* check entire length if definite length */ if ( seqLen || seqLenLen ) { if ( certlen != ( seqLen + seqLenLen + 2 ) ) { + if (certlen > ( seqLen + seqLenLen + 2 )) + PORT_SetError(SEC_ERROR_EXTRA_INPUT); + else + PORT_SetError(SEC_ERROR_INPUT_LEN); goto notder; } } |