When a name attribute's value exceeds the maximum allowed length, display

a truncated version of it, followed by ellipsis.  Bug 220855. r=wtc

1 files changed, 13 insertions, 5 deletions

diff --git a/security/nss/lib/certdb/alg1485.c b/security/nss/lib/certdb/alg1485.c
index 916f09cbe..b95cec96a 100644
--- a/security/nss/lib/certdb/alg1485.c
+++ b/security/nss/lib/certdb/alg1485.c
@@ -695,11 +695,19 @@ AppendAVA(stringBuf *bufp, CERTAVA *ava)
     }
 
     /* Check value length */
-    if (avaValue->len > maxLen) {
-	if (unknownTag) PR_smprintf_free(unknownTag);
-	SECITEM_FreeItem(avaValue, PR_TRUE);
-	PORT_SetError(SEC_ERROR_INVALID_AVA);
-	return SECFailure;
+    if (avaValue->len > maxLen + 3) {  /* must be room for "..." */
+	/* avaValue is a UTF8 string, freshly allocated and returned to us 
+	** by CERT_DecodeAVAValue just above, so we can modify it here.
+	** See if we're in the middle of a multi-byte UTF8 character.
+	*/
+	while (((avaValue->data[maxLen] & 0xc0) == 0x80) && maxLen > 0) {
+	   maxLen--;
+	}
+	/* add elipsis to signify truncation. */
+	avaValue->data[maxLen++] = '.'; 
+	avaValue->data[maxLen++] = '.';
+	avaValue->data[maxLen++] = '.';
+	avaValue->len = maxLen;
     }
 
     len = PORT_Strlen(tagName);