Bug 1771495 - unchecked return code in sec_DecodeSigAlg. r=nss-reviewers,djackson

Differential Revision: https://phabricator.services.mozilla.com/D147529
author: John M. Schanck <jschanck@mozilla.com> 2022-06-06 18:12:26 +0000
committer: John M. Schanck <jschanck@mozilla.com> 2022-06-06 18:12:26 +0000
commit: db6a7a8553fa24d7883443b5625cc39ba87c876a (patch)
tree: 6315d1c1591dc8bec5b1b401f94f78b064102a00
parent: e6c2018b30f88f0bfd28250d91696ea11f80b89a (diff)
download: nss-hg-db6a7a8553fa24d7883443b5625cc39ba87c876a.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/cryptohi/secvfy.c b/lib/cryptohi/secvfy.c
index 17545848c..c6eade0f2 100644
--- a/lib/cryptohi/secvfy.c
+++ b/lib/cryptohi/secvfy.c
@@ -347,8 +347,8 @@ sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
                 PORT_DestroyCheapArena(&tmpArena);
 
                 /* only accept hash algorithms */
-                if (HASH_GetHashTypeByOidTag(*hashalg) == HASH_AlgNULL) {
-                    /* error set by HASH_GetHashTypeByOidTag */
+                if (rv != SECSuccess || HASH_GetHashTypeByOidTag(*hashalg) == HASH_AlgNULL) {
+                    /* error set by sec_DecodeRSAPSSParams or HASH_GetHashTypeByOidTag */
                     return SECFailure;
                 }
             } else {
author	John M. Schanck <jschanck@mozilla.com>	2022-06-06 18:12:26 +0000
committer	John M. Schanck <jschanck@mozilla.com>	2022-06-06 18:12:26 +0000
commit	db6a7a8553fa24d7883443b5625cc39ba87c876a (patch)
tree	6315d1c1591dc8bec5b1b401f94f78b064102a00
parent	e6c2018b30f88f0bfd28250d91696ea11f80b89a (diff)
download	nss-hg-db6a7a8553fa24d7883443b5625cc39ba87c876a.tar.gz