Bug 351767, pk12util -o ... -W crashes when outfile is directory.

r=nelson, alexei
author: neil.williams%sun.com <devnull@localhost> 2007-05-05 01:26:20 +0000
committer: neil.williams%sun.com <devnull@localhost> 2007-05-05 01:26:20 +0000
commit: 60de20195a82e699ec66eaa1683b4af5ed53e107 (patch)
tree: 410bfd6dc1fc154e6e00cf90698d7020a034b7b6
parent: f47bf75ef8a4a11638537c6c3466d9ca57ec03ac (diff)
download: nss-hg-60de20195a82e699ec66eaa1683b4af5ed53e107.tar.gz
1 files changed, 19 insertions, 15 deletions
diff --git a/security/nss/cmd/pk12util/pk12util.c b/security/nss/cmd/pk12util/pk12util.c
index ade93d1c0..22342591c 100644
--- a/security/nss/cmd/pk12util/pk12util.c
+++ b/security/nss/cmd/pk12util/pk12util.c
@@ -282,23 +282,33 @@ P12U_UnicodeConversion(PRArenaPool *arena, SECItem *dest, SECItem *src,
 SECItem *
 P12U_GetP12FilePassword(PRBool confirmPw, secuPWData *p12FilePw)
 {
-    char *p0 = NULL, *p1 = NULL;
+    char *p0 = NULL;
     SECItem *pwItem = NULL;
 
     if (p12FilePw == NULL || p12FilePw->source == PW_NONE) {
+	char *p1 = NULL;
+	int   rc;
 	for (;;) {
 	    p0 = SECU_GetPasswordString(NULL,
 					"Enter password for PKCS12 file: ");
-	    if (!confirmPw)
+	    if (!confirmPw || p0 == NULL)
 		break;
 	    p1 = SECU_GetPasswordString(NULL, "Re-enter password: ");
-	    if (PL_strcmp(p0, p1) == 0)
+	    if (p1 == NULL) {
+		PORT_ZFree(p0, PL_strlen(p0));
+		p0 = NULL;
 		break;
+	    }
+	    rc = PL_strcmp(p0, p1);
+	    PORT_ZFree(p1, PL_strlen(p1));
+	    if (rc == 0)
+		break;
+	    PORT_ZFree(p0, PL_strlen(p0));
 	}
     } else if (p12FilePw->source == PW_FROMFILE) {
 	p0 = SECU_FilePasswd(NULL, PR_FALSE, p12FilePw->data);
     } else { /* Plaintext */
-	p0 = p12FilePw->data;
+	p0 = PORT_Strdup(p12FilePw->data);
     }
 
     if (p0 == NULL) {
@@ -307,11 +317,7 @@ P12U_GetP12FilePassword(PRBool confirmPw, secuPWData *p12FilePw)
     pwItem = SECITEM_AllocItem(NULL, NULL, PL_strlen(p0) + 1);
     memcpy(pwItem->data, p0, pwItem->len);
 
-    PORT_Memset(p0, 0, PL_strlen(p0));
-    PORT_Free(p0);
-
-    PORT_Memset(p1, 0, PL_strlen(p1));
-    PORT_Free(p1);
+    PORT_ZFree(p0, PL_strlen(p0));
 
     return pwItem;
 }
@@ -705,12 +711,6 @@ loser:
         certlist = NULL;
     }    
 
-    if (slotPw)
-        PR_Free(slotPw->data);
-
-    if (p12FilePw)
-        PR_Free(p12FilePw->data);
-
     p12u_DestroyContext(&p12cxt, PR_TRUE);
     if(pwitem) {
         SECITEM_ZfreeItem(pwitem, PR_TRUE);
@@ -965,6 +965,10 @@ main(int argc, char **argv)
     }
 
 done:
+    if (slotPw.data != NULL)
+	PORT_ZFree(slotPw.data, PL_strlen(slotPw.data));
+    if (p12FilePw.data != NULL)
+	PORT_ZFree(p12FilePw.data, PL_strlen(p12FilePw.data));
     if (slot) PK11_FreeSlot(slot);
     if (NSS_Shutdown() != SECSuccess) {
 	pk12uErrno = 1;
author	neil.williams%sun.com <devnull@localhost>	2007-05-05 01:26:20 +0000
committer	neil.williams%sun.com <devnull@localhost>	2007-05-05 01:26:20 +0000
commit	60de20195a82e699ec66eaa1683b4af5ed53e107 (patch)
tree	410bfd6dc1fc154e6e00cf90698d7020a034b7b6
parent	f47bf75ef8a4a11638537c6c3466d9ca57ec03ac (diff)
download	nss-hg-60de20195a82e699ec66eaa1683b4af5ed53e107.tar.gz