summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorwtchang%redhat.com <devnull@localhost>2005-06-24 23:00:02 +0000
committerwtchang%redhat.com <devnull@localhost>2005-06-24 23:00:02 +0000
commit59def3bd0327b4e8fb7dd4e02ed70e4cb07583fd (patch)
treeb964b3dcb31d746b1147c52f81cfc30079d7d70c
parent846b0c8fef1016afb6b22f3224a041fd4531fb7f (diff)
downloadnss-hg-NSS_3_10_BASE.tar.gz
Bugzilla Bug 298409: fixed an array index off-by-one error and a memoryNSS_3_10_BASE
leak. r=nelsonb.
Diffstat
-rw-r--r--security/nss/cmd/crlutil/crlgen.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/security/nss/cmd/crlutil/crlgen.c b/security/nss/cmd/crlutil/crlgen.c
index 71d1e20ea..15e542cac 100644
--- a/security/nss/cmd/crlutil/crlgen.c
+++ b/security/nss/cmd/crlutil/crlgen.c
@@ -1367,7 +1367,7 @@ crlgen_setNextDataFn_extension(CRLGENGeneratorData *crlGenData, void *str,
return SECFailure;
}
}
- if (extStr->nextUpdatedData > MAX_EXT_DATA_LENGTH) {
+ if (extStr->nextUpdatedData >= MAX_EXT_DATA_LENGTH) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
crlgen_PrintError(crlGenData->parsedLineNum,
"number of fields in extension "
@@ -1415,7 +1415,7 @@ crlgen_destroyTempData(CRLGENGeneratorData *crlGenData)
PORT_Free(crlGenData->certEntry);
break;
case CRLGEN_ADD_EXTENSION_CONTEXT:
- if (crlGenData->extensionEntry->nextUpdatedData) {
+ if (crlGenData->extensionEntry->extData) {
int i = 0;
for (;i < crlGenData->extensionEntry->nextUpdatedData;i++)
PORT_Free(*(crlGenData->extensionEntry->extData + i));
View Lorry Controller Status