Bug 1515342 - Checks for invalid bit strings, r=jcj

Differential Revision: https://phabricator.services.mozilla.com/D15061

2 files changed, 21 insertions, 16 deletions

diff --git a/cpputil/nss_scoped_ptrs.h b/cpputil/nss_scoped_ptrs.h
index 24116b63f..3ee7c9e1e 100644
--- a/cpputil/nss_scoped_ptrs.h
+++ b/cpputil/nss_scoped_ptrs.h
@@ -21,13 +21,19 @@ struct ScopedDelete {
   void operator()(CERTCertificateList* list) {
     CERT_DestroyCertificateList(list);
   }
+  void operator()(CERTDistNames* names) { CERT_FreeDistNames(names); }
   void operator()(CERTName* name) { CERT_DestroyName(name); }
   void operator()(CERTCertList* list) { CERT_DestroyCertList(list); }
   void operator()(CERTSubjectPublicKeyInfo* spki) {
     SECKEY_DestroySubjectPublicKeyInfo(spki);
   }
+  void operator()(PK11Context* context) { PK11_DestroyContext(context, true); }
+  void operator()(PK11GenericObject* obj) { PK11_DestroyGenericObject(obj); }
   void operator()(PK11SlotInfo* slot) { PK11_FreeSlot(slot); }
   void operator()(PK11SymKey* key) { PK11_FreeSymKey(key); }
+  void operator()(PK11URI* uri) { PK11URI_DestroyURI(uri); }
+  void operator()(PLArenaPool* arena) { PORT_FreeArena(arena, PR_FALSE); }
+  void operator()(PQGParams* pqg) { PK11_PQG_DestroyParams(pqg); }
   void operator()(PRFileDesc* fd) { PR_Close(fd); }
   void operator()(SECAlgorithmID* id) { SECOID_DestroyAlgorithmID(id, true); }
   void operator()(SECKEYEncryptedPrivateKeyInfo* e) {
@@ -39,16 +45,10 @@ struct ScopedDelete {
   void operator()(SECKEYPrivateKeyList* list) {
     SECKEY_DestroyPrivateKeyList(list);
   }
-  void operator()(PK11URI* uri) { PK11URI_DestroyURI(uri); }
-  void operator()(PLArenaPool* arena) { PORT_FreeArena(arena, PR_FALSE); }
-  void operator()(PK11Context* context) { PK11_DestroyContext(context, true); }
-  void operator()(PK11GenericObject* obj) { PK11_DestroyGenericObject(obj); }
-  void operator()(PQGParams* pqg) { PK11_PQG_DestroyParams(pqg); }
+  void operator()(SECMODModule* module) { SECMOD_DestroyModule(module); }
   void operator()(SEC_PKCS12DecoderContext* dcx) {
     SEC_PKCS12DecoderFinish(dcx);
   }
-  void operator()(CERTDistNames* names) { CERT_FreeDistNames(names); }
-  void operator()(SECMODModule* module) { SECMOD_DestroyModule(module); }
 };
 
 template <class T>
@@ -63,28 +63,28 @@ struct ScopedMaybeDelete {
 
 #define SCOPED(x) typedef std::unique_ptr<x, ScopedMaybeDelete<x> > Scoped##x
 
+SCOPED(CERTCertList);
 SCOPED(CERTCertificate);
 SCOPED(CERTCertificateList);
-SCOPED(CERTCertList);
+SCOPED(CERTDistNames);
 SCOPED(CERTName);
 SCOPED(CERTSubjectPublicKeyInfo);
+SCOPED(PK11Context);
+SCOPED(PK11GenericObject);
 SCOPED(PK11SlotInfo);
 SCOPED(PK11SymKey);
+SCOPED(PK11URI);
+SCOPED(PLArenaPool);
 SCOPED(PQGParams);
 SCOPED(PRFileDesc);
 SCOPED(SECAlgorithmID);
-SCOPED(SECKEYEncryptedPrivateKeyInfo);
 SCOPED(SECItem);
-SCOPED(SECKEYPublicKey);
+SCOPED(SECKEYEncryptedPrivateKeyInfo);
 SCOPED(SECKEYPrivateKey);
 SCOPED(SECKEYPrivateKeyList);
-SCOPED(PK11URI);
-SCOPED(PLArenaPool);
-SCOPED(PK11Context);
-SCOPED(PK11GenericObject);
-SCOPED(SEC_PKCS12DecoderContext);
-SCOPED(CERTDistNames);
+SCOPED(SECKEYPublicKey);
 SCOPED(SECMODModule);
+SCOPED(SEC_PKCS12DecoderContext);
 
 #undef SCOPED
 
diff --git a/cpputil/scoped_ptrs_util.h b/cpputil/scoped_ptrs_util.h
index dc6e1d752..d0a42ee0b 100644
--- a/cpputil/scoped_ptrs_util.h
+++ b/cpputil/scoped_ptrs_util.h
@@ -37,4 +37,9 @@ SCOPED(PLArenaPool);
 
 #undef SCOPED
 
+struct StackSECItem : public SECItem {
+  StackSECItem() : SECItem({siBuffer, nullptr, 0}) {}
+  ~StackSECItem() { SECITEM_FreeItem(this, PR_FALSE); }
+};
+
 #endif  // scoped_ptrs_util_h__