diff options
author | wtchang%redhat.com <devnull@localhost> | 2005-06-24 23:00:02 +0000 |
---|---|---|
committer | wtchang%redhat.com <devnull@localhost> | 2005-06-24 23:00:02 +0000 |
commit | 59def3bd0327b4e8fb7dd4e02ed70e4cb07583fd (patch) | |
tree | b964b3dcb31d746b1147c52f81cfc30079d7d70c | |
parent | 846b0c8fef1016afb6b22f3224a041fd4531fb7f (diff) | |
download | nss-hg-NSS_3_10_BASE.tar.gz |
Bugzilla Bug 298409: fixed an array index off-by-one error and a memoryNSS_3_10_BASE
leak. r=nelsonb.
-rw-r--r-- | security/nss/cmd/crlutil/crlgen.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/nss/cmd/crlutil/crlgen.c b/security/nss/cmd/crlutil/crlgen.c index 71d1e20ea..15e542cac 100644 --- a/security/nss/cmd/crlutil/crlgen.c +++ b/security/nss/cmd/crlutil/crlgen.c @@ -1367,7 +1367,7 @@ crlgen_setNextDataFn_extension(CRLGENGeneratorData *crlGenData, void *str, return SECFailure; } } - if (extStr->nextUpdatedData > MAX_EXT_DATA_LENGTH) { + if (extStr->nextUpdatedData >= MAX_EXT_DATA_LENGTH) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "number of fields in extension " @@ -1415,7 +1415,7 @@ crlgen_destroyTempData(CRLGENGeneratorData *crlGenData) PORT_Free(crlGenData->certEntry); break; case CRLGEN_ADD_EXTENSION_CONTEXT: - if (crlGenData->extensionEntry->nextUpdatedData) { + if (crlGenData->extensionEntry->extData) { int i = 0; for (;i < crlGenData->extensionEntry->nextUpdatedData;i++) PORT_Free(*(crlGenData->extensionEntry->extData + i)); |