diff options
author | Andi-Bogdan Postelnicu <bpostelnicu@mozilla.com> | 2018-06-18 12:31:47 +0300 |
---|---|---|
committer | Andi-Bogdan Postelnicu <bpostelnicu@mozilla.com> | 2018-06-18 12:31:47 +0300 |
commit | d1e7096e15f466ea9985b10731a4b43d87c32411 (patch) | |
tree | c4bccfeaebd154881728325f30f3b92cd3365679 | |
parent | d6b5466d6af7bf5d132e44c95b5d056e8f1373d6 (diff) | |
download | nss-hg-d1e7096e15f466ea9985b10731a4b43d87c32411.tar.gz |
Bug 1453795 - PSM-Security - Initialize member fields in classes/ structures. r=keeler
-rw-r--r-- | lib/mozpkix/lib/pkixbuild.cpp | 1 | ||||
-rw-r--r-- | lib/mozpkix/lib/pkixcheck.cpp | 4 | ||||
-rw-r--r-- | lib/mozpkix/lib/pkixder.h | 3 | ||||
-rw-r--r-- | lib/mozpkix/lib/pkixutil.h | 4 | ||||
-rw-r--r-- | lib/mozpkix/lib/pkixverify.cpp | 3 |
5 files changed, 13 insertions, 2 deletions
diff --git a/lib/mozpkix/lib/pkixbuild.cpp b/lib/mozpkix/lib/pkixbuild.cpp index db65d6021..d3202cd8e 100644 --- a/lib/mozpkix/lib/pkixbuild.cpp +++ b/lib/mozpkix/lib/pkixbuild.cpp @@ -61,6 +61,7 @@ public: , stapledOCSPResponse(aStapledOCSPResponse) , subCACount(aSubCACount) , deferredSubjectError(aDeferredSubjectError) + , subjectSignaturePublicKeyAlg(der::PublicKeyAlgorithm::Uninitialized) , result(Result::FATAL_ERROR_LIBRARY_FAILURE) , resultWasSet(false) , buildForwardCallBudget(aBuildForwardCallBudget) diff --git a/lib/mozpkix/lib/pkixcheck.cpp b/lib/mozpkix/lib/pkixcheck.cpp index 7541b6ac7..523283405 100644 --- a/lib/mozpkix/lib/pkixcheck.cpp +++ b/lib/mozpkix/lib/pkixcheck.cpp @@ -118,6 +118,10 @@ CheckSignatureAlgorithm(TrustDomain& trustDomain, // during path building is too low to be worth bothering with. break; + case der::PublicKeyAlgorithm::Uninitialized: + assert(false); + return Result::FATAL_ERROR_LIBRARY_FAILURE; + MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM } diff --git a/lib/mozpkix/lib/pkixder.h b/lib/mozpkix/lib/pkixder.h index a17114bcb..cdfde3eae 100644 --- a/lib/mozpkix/lib/pkixder.h +++ b/lib/mozpkix/lib/pkixder.h @@ -457,7 +457,7 @@ CertificateSerialNumber(Reader& input, /*out*/ Input& value) // x.509 and OCSP both use this same version numbering scheme, though OCSP // only supports v1. -enum class Version { v1 = 0, v2 = 1, v3 = 2, v4 = 3 }; +enum class Version { v1 = 0, v2 = 1, v3 = 2, v4 = 3, Uninitialized = 255 }; // X.509 Certificate and OCSP ResponseData both use // "[0] EXPLICIT Version DEFAULT v1". Although an explicit encoding of v1 is @@ -522,6 +522,7 @@ enum class PublicKeyAlgorithm { RSA_PKCS1, ECDSA, + Uninitialized }; Result SignatureAlgorithmIdentifierValue( diff --git a/lib/mozpkix/lib/pkixutil.h b/lib/mozpkix/lib/pkixutil.h index c22ffbefe..0923802f7 100644 --- a/lib/mozpkix/lib/pkixutil.h +++ b/lib/mozpkix/lib/pkixutil.h @@ -42,11 +42,13 @@ class BackCert final { public: // certDER and childCert must be valid for the lifetime of BackCert. - BackCert(Input aCertDER, EndEntityOrCA aEndEntityOrCA, + BackCert(Input aCertDER, + EndEntityOrCA aEndEntityOrCA, const BackCert* aChildCert) : der(aCertDER) , endEntityOrCA(aEndEntityOrCA) , childCert(aChildCert) + , version(der::Version::Uninitialized) { } diff --git a/lib/mozpkix/lib/pkixverify.cpp b/lib/mozpkix/lib/pkixverify.cpp index 16737e49d..45e2f8b08 100644 --- a/lib/mozpkix/lib/pkixverify.cpp +++ b/lib/mozpkix/lib/pkixverify.cpp @@ -79,6 +79,9 @@ VerifySignedDigest(TrustDomain& trustDomain, case der::PublicKeyAlgorithm::RSA_PKCS1: return trustDomain.VerifyRSAPKCS1SignedDigest(signedDigest, signerSubjectPublicKeyInfo); + case der::PublicKeyAlgorithm::Uninitialized: + assert(false); + return Result::FATAL_ERROR_LIBRARY_FAILURE; MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM } } |