diff options
| author | ddrinan%netscape.com <devnull@localhost> | 2001-06-20 23:14:35 +0000 |
|---|---|---|
| committer | ddrinan%netscape.com <devnull@localhost> | 2001-06-20 23:14:35 +0000 |
| commit | 4474632247e4ec271e34dc4fadaaa860435f9b8d (patch) | |
| tree | ebad747d30ef214549a8d321d407e49a83350cb2 | |
| parent | 5b88e084550c23f9e229b7f29e65c4efdab41ed5 (diff) | |
| download | nss-hg-4474632247e4ec271e34dc4fadaaa860435f9b8d.tar.gz | |
Bug# 74343. Check in for relyea. r=ddrinan,r=mcgreer,sr=blizzard,a=dbaron
| -rw-r--r-- | security/nss/lib/certdb/pcertdb.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/security/nss/lib/certdb/pcertdb.c b/security/nss/lib/certdb/pcertdb.c index 8dcedb410..20ce6f02a 100644 --- a/security/nss/lib/certdb/pcertdb.c +++ b/security/nss/lib/certdb/pcertdb.c @@ -873,8 +873,14 @@ DecodeDBCrlEntry(certDBEntryRevocation *entry, SECItem *dbentry) nnlen = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] ); if ( ( entry->derCrl.len + nnlen + DB_CRL_ENTRY_HEADER_LEN ) != dbentry->len) { - PORT_SetError(SEC_ERROR_BAD_DATABASE); - goto loser; + /* CRL entry is greater than 64 K. Hack to make this continue to work */ + if (dbentry->len >= (0xffff - DB_CRL_ENTRY_HEADER_LEN) - nnlen) { + entry->derCrl.len = + (dbentry->len - DB_CRL_ENTRY_HEADER_LEN) - nnlen; + } else { + PORT_SetError(SEC_ERROR_BAD_DATABASE); + goto loser; + } } /* copy the dercert */ |