diff options
author | bsmith%mozilla.com <devnull@localhost> | 2013-01-18 19:31:42 +0000 |
---|---|---|
committer | bsmith%mozilla.com <devnull@localhost> | 2013-01-18 19:31:42 +0000 |
commit | 88e146cbe6c3f9a1b755ef9c267313789a2cb614 (patch) | |
tree | cda08a1e4dbadd6548a568ec308f600daeae14b3 | |
parent | 5401606a1931e50872a704cd976c43fbe6e5fb4a (diff) | |
download | nss-hg-88e146cbe6c3f9a1b755ef9c267313789a2cb614.tar.gz |
Bug 832005: Fix use of uninitialized variable when sending alert about missing certificate. Patch by mcmanus, r=bsmith
-rw-r--r-- | security/nss/lib/ssl/ssl3con.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 478f21a90..301902876 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -8384,8 +8384,10 @@ ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUint32 length) } if (!remaining) { - if (!(isTLS && isServer)) + if (!(isTLS && isServer)) { + desc = bad_certificate; goto alert_loser; + } /* This is TLS's version of a no_certificate alert. */ /* I'm a server. I've requested a client cert. He hasn't got one. */ rv = ssl3_HandleNoCertificate(ss); |