diff options
author | Martin Thomson <mt@lowentropy.net> | 2019-06-14 07:55:51 +0000 |
---|---|---|
committer | Martin Thomson <mt@lowentropy.net> | 2019-06-14 07:55:51 +0000 |
commit | eaec77f82b1e91443390c48988019b29aa239e12 (patch) | |
tree | e52558344bd67c238a28e0470d400ea859f8562f /lib/cryptohi | |
parent | a1ee946c15e011755c1ddff72a14b5563f670ccd (diff) | |
download | nss-hg-eaec77f82b1e91443390c48988019b29aa239e12.tar.gz |
Bug 1515342 - More thorough input checking, r=jcj
All part of applying better discipline throughout.
Differential Revision: https://phabricator.services.mozilla.com/D33736
Diffstat (limited to 'lib/cryptohi')
-rw-r--r-- | lib/cryptohi/seckey.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c index 75c97faee..fa13bc33e 100644 --- a/lib/cryptohi/seckey.c +++ b/lib/cryptohi/seckey.c @@ -639,6 +639,11 @@ seckey_ExtractPublicKey(const CERTSubjectPublicKeyInfo *spki) return pubk; break; case SEC_OID_ANSIX962_EC_PUBLIC_KEY: + /* A basic sanity check on inputs. */ + if (spki->algorithm.parameters.len == 0 || newOs.len == 0) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + break; + } pubk->keyType = ecKey; pubk->u.ec.size = 0; |