Bug 1185033: Free the arena rather than destroying the

SECKEYPrivateKeyInfo if ASN.1 decoding fails. r=wtc,rrelyea
author: David Keeler <dkeeler@mozilla.com> 2015-08-25 16:50:51 -0700
committer: David Keeler <dkeeler@mozilla.com> 2015-08-25 16:50:51 -0700
commit: 5c96c348e1d996980f4513b4abfd1123c7019016 (patch)
tree: cd6b879f81f7bf96bb20248b2c0227cfde2bf60c /lib
parent: 4a924c2995dcd8bb8961c1a91df019ebdd61e301 (diff)
download: nss-hg-5c96c348e1d996980f4513b4abfd1123c7019016.tar.gz
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/pk11wrap/pk11pk12.c b/lib/pk11wrap/pk11pk12.c
index 2152a41e7..e5a0a21cf 100644
--- a/lib/pk11wrap/pk11pk12.c
+++ b/lib/pk11wrap/pk11pk12.c
@@ -234,13 +234,17 @@ PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, SECItem *derPKI,
     rv = SEC_ASN1DecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate,
 		derPKI);
     if( rv != SECSuccess ) {
-	goto finish;
+        /* If SEC_ASN1DecodeItem fails, we cannot assume anything about the
+         * validity of the data in pki. The best we can do is free the arena
+         * and return.
+         */
+        PORT_FreeArena(temparena, PR_TRUE);
+        return rv;
     }
 
     rv = PK11_ImportPrivateKeyInfoAndReturnKey(slot, pki, nickname,
 		publicValue, isPerm, isPrivate, keyUsage, privk, wincx);
 
-finish:
     /* this zeroes the key and frees the arena */
     SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/);
     return rv;
author	David Keeler <dkeeler@mozilla.com>	2015-08-25 16:50:51 -0700
committer	David Keeler <dkeeler@mozilla.com>	2015-08-25 16:50:51 -0700
commit	5c96c348e1d996980f4513b4abfd1123c7019016 (patch)
tree	cd6b879f81f7bf96bb20248b2c0227cfde2bf60c /lib
parent	4a924c2995dcd8bb8961c1a91df019ebdd61e301 (diff)
download	nss-hg-5c96c348e1d996980f4513b4abfd1123c7019016.tar.gz