diff options
| author | nelsonb%netscape.com <devnull@localhost> | 2004-01-07 00:09:17 +0000 |
|---|---|---|
| committer | nelsonb%netscape.com <devnull@localhost> | 2004-01-07 00:09:17 +0000 |
| commit | e9f195bb64ef1c68a309297635a89422f521cb44 (patch) | |
| tree | b964b7665a1ffa52c6d305580ffae659a68df477 | |
| parent | b03b79c62aaf0dbbbdfa93a2a92e22602baedb0e (diff) | |
| download | nss-hg-e9f195bb64ef1c68a309297635a89422f521cb44.tar.gz | |
Fix crashes in NSS_CMSSignedData_GetDigestValue and
NSS_CMSContentInfo_GetContent that occur when a detached signature is not
accompanied by the data on which the signature was computed. Bug 229242.
Make NSS_CMSContentInfo_GetInnerContent and NSS_CMSMessage_GetContent
more easily debugged, by storing the results returned by function calls
in automatic variables before using them in subsequent calls/switches.
| -rw-r--r-- | security/nss/lib/smime/cmscinfo.c | 23 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmsmessage.c | 4 | ||||
| -rw-r--r-- | security/nss/lib/smime/cmssigdata.c | 4 |
3 files changed, 22 insertions, 9 deletions
diff --git a/security/nss/lib/smime/cmscinfo.c b/security/nss/lib/smime/cmscinfo.c index e74ab9cbf..ceb99c605 100644 --- a/security/nss/lib/smime/cmscinfo.c +++ b/security/nss/lib/smime/cmscinfo.c @@ -209,7 +209,10 @@ NSS_CMSContentInfo_SetContent_EncryptedData(NSSCMSMessage *cmsg, NSSCMSContentIn void * NSS_CMSContentInfo_GetContent(NSSCMSContentInfo *cinfo) { - switch (cinfo->contentTypeTag->offset) { + SECOidTag tag = (cinfo && cinfo->contentTypeTag) + ? cinfo->contentTypeTag->offset + : SEC_OID_UNKNOWN; + switch (tag) { case SEC_OID_PKCS7_DATA: case SEC_OID_PKCS7_SIGNED_DATA: case SEC_OID_PKCS7_ENVELOPED_DATA: @@ -230,22 +233,28 @@ SECItem * NSS_CMSContentInfo_GetInnerContent(NSSCMSContentInfo *cinfo) { NSSCMSContentInfo *ccinfo; + SECOidTag tag; + SECItem *pItem = NULL; - switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) { + tag = NSS_CMSContentInfo_GetContentTypeTag(cinfo); + switch (tag) { case SEC_OID_PKCS7_DATA: - return cinfo->content.data; /* end of recursion - every message has to have a data cinfo */ + /* end of recursion - every message has to have a data cinfo */ + pItem = cinfo->content.data; + break; case SEC_OID_PKCS7_DIGESTED_DATA: case SEC_OID_PKCS7_ENCRYPTED_DATA: case SEC_OID_PKCS7_ENVELOPED_DATA: case SEC_OID_PKCS7_SIGNED_DATA: - if ((ccinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) == NULL) - break; - return NSS_CMSContentInfo_GetContent(ccinfo); + ccinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo); + if (ccinfo != NULL) + pItem = NSS_CMSContentInfo_GetContent(ccinfo); + break; default: PORT_Assert(0); break; } - return NULL; + return pItem; } /* diff --git a/security/nss/lib/smime/cmsmessage.c b/security/nss/lib/smime/cmsmessage.c index 7e785cc1f..c9b076af2 100644 --- a/security/nss/lib/smime/cmsmessage.c +++ b/security/nss/lib/smime/cmsmessage.c @@ -178,7 +178,9 @@ SECItem * NSS_CMSMessage_GetContent(NSSCMSMessage *cmsg) { /* this is a shortcut */ - return NSS_CMSContentInfo_GetInnerContent(NSS_CMSMessage_GetContentInfo(cmsg)); + NSSCMSContentInfo * cinfo = NSS_CMSMessage_GetContentInfo(cmsg); + SECItem * pItem = NSS_CMSContentInfo_GetInnerContent(cinfo); + return pItem; } /* diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c index 77dbfb7c2..573663b9c 100644 --- a/security/nss/lib/smime/cmssigdata.c +++ b/security/nss/lib/smime/cmssigdata.c @@ -1028,8 +1028,10 @@ NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag) return NULL; } - if (sigd->digestAlgorithms == NULL) + if (sigd->digestAlgorithms == NULL || sigd->digests == NULL) { + PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND); return NULL; + } n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag); |