set to 3.3.7beta, fixes for handling of invalid input

9 files changed, 74 insertions, 16 deletions

diff --git a/security/nss/lib/certdb/alg1485.c b/security/nss/lib/certdb/alg1485.c
index d3ca7fcef..409b17a69 100644
--- a/security/nss/lib/certdb/alg1485.c
+++ b/security/nss/lib/certdb/alg1485.c
@@ -624,6 +624,11 @@ get_oid_string
     /* end points to one past the legitimate data */
     end = &d[ oid->len ];
 
+    if (oid->len > 1024) {
+	PORT_SetError(SEC_ERROR_NO_MEMORY);
+	return (char *)NULL;
+    }
+
     /*
      * Check for our pseudo-encoded single-digit OIDs
      */
@@ -775,6 +780,7 @@ AppendAVA(char **bufp, unsigned *buflenp, CERTAVA *ava)
       default:
  	/* handle unknown attribute types per RFC 2253 */
  	tagName = unknownTag = get_oid_string(&ava->type);
+	if (!tagName) return SECFailure;
  	maxLen = 256;
  	break;
     }
@@ -792,6 +798,7 @@ AppendAVA(char **bufp, unsigned *buflenp, CERTAVA *ava)
     /* Check value length */
     if (avaValue->len > maxLen) {
  	if (unknownTag) PR_smprintf_free(unknownTag);
+	SECITEM_FreeItem(avaValue, PR_TRUE);
 	PORT_SetError(SEC_ERROR_INVALID_AVA);
 	return SECFailure;
     }
@@ -799,6 +806,7 @@ AppendAVA(char **bufp, unsigned *buflenp, CERTAVA *ava)
     len = PORT_Strlen(tagName);
     if (len+1 > sizeof(tmpBuf)) {
 	if (unknownTag) PR_smprintf_free(unknownTag);
+	SECITEM_FreeItem(avaValue, PR_TRUE);
 	PORT_SetError(SEC_ERROR_OUTPUT_LEN);
 	return SECFailure;
     }
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c
index 5eb141378..4701e1e45 100644
--- a/security/nss/lib/certdb/certdb.c
+++ b/security/nss/lib/certdb/certdb.c
@@ -1128,6 +1128,7 @@ CERT_CheckKeyUsage(CERTCertificate *cert, unsigned int requiredUsage)
      */
     if ( requiredUsage & KU_KEY_AGREEMENT_OR_ENCIPHERMENT ) {
 	key = CERT_ExtractPublicKey(cert);
+	if (!key) return SECFailure;
 	if ( ( key->keyType == keaKey ) || ( key->keyType == fortezzaKey ) ||
 	     ( key->keyType == dhKey ) ) {
 	    requiredUsage |= KU_KEY_AGREEMENT;
diff --git a/security/nss/lib/freebl/rsa.c b/security/nss/lib/freebl/rsa.c
index ba89c6ccc..588cfa6ec 100644
--- a/security/nss/lib/freebl/rsa.c
+++ b/security/nss/lib/freebl/rsa.c
@@ -226,7 +226,9 @@ RSA_NewKey(int keySizeInBits, SECItem *publicExponent)
     RSAPrivateKey *key = NULL;
     PRArenaPool *arena = NULL;
     /* Require key size to be a multiple of 16 bits. */
-    if (!publicExponent || keySizeInBits % 16 != 0) {
+    if (!publicExponent || keySizeInBits % 16 != 0 || 
+	 keySizeInBits == 0 || publicExponent->len == 0 ||
+	 (publicExponent->len == 1 && publicExponent->data[0] == 1)) {
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return NULL;
     }
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
index 9369fcecb..723379fc2 100644
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@@ -49,11 +49,11 @@ SEC_BEGIN_PROTOS
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>] [<Beta>]"
  */
-#define NSS_VERSION  "3.3.6rtm"
+#define NSS_VERSION  "3.3.7beta"
 #define NSS_VMAJOR   3
 #define NSS_VMINOR   3
-#define NSS_VPATCH   6
-#define NSS_BETA     PR_FALSE
+#define NSS_VPATCH   7
+#define NSS_BETA     PR_TRUE
 
 
 /*
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
index 992feda19..546ebfc95 100644
--- a/security/nss/lib/softoken/pkcs11.c
+++ b/security/nss/lib/softoken/pkcs11.c
@@ -1956,9 +1956,15 @@ SECKEYLowPublicKey *pk11_GetPubKey(PK11Object *object,CK_KEY_TYPE key_type)
 	pubKey->keyType = rsaKey;
 	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.rsa.modulus,
 							object,CKA_MODULUS);
+	/* This requirement taken from rsa.c */
+	if (pubKey->u.rsa.modulus.len == 0 || 
+	     SECKEY_LowPublicModulusLen(pubKey) % 16 != 0)
+	    crv = CKR_ARGUMENTS_BAD;
     	if (crv != CKR_OK) break;
     	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.rsa.publicExponent,
 						object,CKA_PUBLIC_EXPONENT);
+	if (pubKey->u.rsa.publicExponent.len == 0)
+	    crv = CKR_ARGUMENTS_BAD;
 	break;
     case CKK_DSA:
 	pubKey->keyType = dsaKey;
diff --git a/security/nss/lib/softoken/rsawrapr.c b/security/nss/lib/softoken/rsawrapr.c
index 5b1b8d894..bb6e454af 100644
--- a/security/nss/lib/softoken/rsawrapr.c
+++ b/security/nss/lib/softoken/rsawrapr.c
@@ -240,6 +240,10 @@ RSA_FormatOneBlock(unsigned modulusLen, RSA_BlockType blockType,
 	 */
 	padLen = modulusLen - data->len - 3;
 	PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
+	if (padLen < RSA_BLOCK_MIN_PAD_LEN) {
+	    PORT_Free(block);
+	    return NULL;
+	}
 	for (i = 0; i < padLen; i++) {
 	    /* Pad with non-zero random data. */
 	    do {
@@ -776,6 +780,8 @@ RSA_EncryptBlock(SECKEYLowPublicKey *key,
     SECItem       unformatted;
 
     formatted.data = NULL;
+    if (modulus_len == 0)
+	goto failure;
     if (max_output_len < modulus_len) 
     	goto failure;
     PORT_Assert(key->keyType == rsaKey);
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index 01cf2cc78..76731fa6c 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -1871,7 +1871,7 @@ ssl3_HandleChangeCipherSpecs(sslSocket *ss, sslBuffer *buf)
     SSL_TRC(3, ("%d: SSL3[%d]: handle change_cipher_spec record",
 		SSL_GETPID(), ss->fd));
 
-    if (ws != wait_change_cipher && ws != wait_cert_verify) {
+    if (ws != wait_change_cipher) {
 	(void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
 	PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER);
 	return SECFailure;
@@ -7157,23 +7157,22 @@ ssl3_HandleHandshake(sslSocket *ss, sslBuffer *origBuf)
 	    /* must be copied to msg_body and dealt with from there */
 	    unsigned int bytes;
 
-	    bytes = PR_MIN(buf->len, ssl3->hs.msg_len);
+	    PORT_Assert(ssl3->hs.msg_body.len <= ssl3->hs.msg_len);
+	    bytes = PR_MIN(buf->len, ssl3->hs.msg_len - ssl3->hs.msg_body.len);
 
 	    /* Grow the buffer if needed */
-	    if (bytes > ssl3->hs.msg_body.space - ssl3->hs.msg_body.len) {
-		rv = sslBuffer_Grow(&ssl3->hs.msg_body,
-		                  ssl3->hs.msg_body.len + bytes);
-		if (rv != SECSuccess) {
-		    /* sslBuffer_Grow has set a memory error code. */
-		    return SECFailure;
-	    	}
+	    rv = sslBuffer_Grow(&ssl3->hs.msg_body, ssl3->hs.msg_len);
+	    if (rv != SECSuccess) {
+		/* sslBuffer_Grow has set a memory error code. */
+		return SECFailure;
 	    }
+
 	    PORT_Memcpy(ssl3->hs.msg_body.buf + ssl3->hs.msg_body.len,
-		      buf->buf, buf->len);
+		        buf->buf, bytes);
+	    ssl3->hs.msg_body.len += bytes;
 	    buf->buf += bytes;
 	    buf->len -= bytes;
 
-	    /* should not be more than one message in msg_body */
 	    PORT_Assert(ssl3->hs.msg_body.len <= ssl3->hs.msg_len);
 
 	    /* if we have a whole message, do it */
diff --git a/security/nss/lib/util/dertime.c b/security/nss/lib/util/dertime.c
index 5fbdca656..0a7613b7c 100644
--- a/security/nss/lib/util/dertime.c
+++ b/security/nss/lib/util/dertime.c
@@ -119,6 +119,11 @@ DER_AsciiToTime(int64 *dst, char *string)
 {
     long year, month, mday, hour, minute, second, hourOff, minOff, days;
     int64 result, tmp1, tmp2;
+
+    PORT_Assert(string != NULL);
+    if (string == NULL) {
+	goto loser;
+    }
     
     /* Verify time is formatted properly and capture information */
     second = 0;
diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c
index f9ea07c48..f93f411db 100644
--- a/security/nss/lib/util/secasn1d.c
+++ b/security/nss/lib/util/secasn1d.c
@@ -768,6 +768,15 @@ sec_asn1d_parse_length (sec_asn1d_state *state,
 	    state->place = duringLength;
 	}
     }
+    if (!state->indefinite) {
+	if (state->underlying_kind & SEC_ASN1_ANY ||
+	     state->underlying_kind & SEC_ASN1_SKIP) {
+	    if (state->found_tag_modifiers & SEC_ASN1_CONSTRUCTED) {
+		state->found_tag_modifiers &= ~SEC_ASN1_CONSTRUCTED;
+		return 1;
+	    }
+	}
+    }
 
     return 1;
 }
@@ -863,6 +872,16 @@ sec_asn1d_prepare_for_contents (sec_asn1d_state *state)
      */
     state->pending = state->contents_length;
 
+    if (state->contents_length > 0) {
+	sec_asn1d_state *tmp = state->parent;
+	while (tmp && tmp->depth == state->depth) tmp = tmp->parent;
+	if (tmp && !tmp->indefinite && state->contents_length > tmp->pending)
+	{
+	    state->top->status = decodeError;
+	    return;
+	}
+    }
+
     /*
      * An EXPLICIT is nothing but an outer header, which we have
      * already parsed and accepted.  Now we need to do the inner
@@ -1296,6 +1315,10 @@ sec_asn1d_reuse_encoding (sec_asn1d_state *state)
     if (SEC_ASN1DecoderUpdate (state->top,
 			       (char *) item->data, item->len) != SECSuccess)
 	return;
+    if (state->top->status == needBytes) {
+	state->top->status = decodeError;
+	return;
+    }
 
     PORT_Assert (state->top->current == state);
     PORT_Assert (state->child == child);
@@ -1375,8 +1398,14 @@ static unsigned long
 sec_asn1d_parse_more_bit_string (sec_asn1d_state *state,
 				 const char *buf, unsigned long len)
 {
-    PORT_Assert (state->pending > 0);
+/*    PORT_Assert (state->pending > 0);
     PORT_Assert (state->place == duringBitString);
+*/
+    if (state->pending == 0 || state->place != duringBitString) {
+	PORT_SetError (SEC_ERROR_BAD_DER);
+	state->top->status = decodeError;
+	return 0;
+    }
 
     len = sec_asn1d_parse_leaf (state, buf, len);
     if (state->place == beforeEndOfContents && state->dest != NULL) {
@@ -2376,6 +2405,8 @@ SEC_ASN1DecoderUpdate (SEC_ASN1DecoderContext *cx,
 	    break;
 	  case duringSaveEncoding:
 	    sec_asn1d_reuse_encoding (state);
+	    if (cx->status == decodeError) 
+	      return SECFailure;
 	    break;
 	  case duringSequence:
 	    sec_asn1d_next_in_sequence (state);