summaryrefslogtreecommitdiff
path: root/security/nss/lib
diff options
context:
space:
mode:
authorjpierre%netscape.com <devnull@localhost>2004-01-28 23:25:47 +0000
committerjpierre%netscape.com <devnull@localhost>2004-01-28 23:25:47 +0000
commit25b7289001682bf409b5953ba79fa4c5d95c5b5a (patch)
treec7bbb70d07cc91e94463ed629f62d6c9fb8726e6 /security/nss/lib
parentf8e549cf03dfa7596e4aa9b5bea3f883e6d0ff14 (diff)
downloadnss-hg-25b7289001682bf409b5953ba79fa4c5d95c5b5a.tar.gz
Fix for 232377. vfychain asserts on DSA cert. r=wtc, nelsonb
Diffstat (limited to 'security/nss/lib')
-rw-r--r--security/nss/lib/cryptohi/seckey.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c
index d1b3f6a05..b9cebc80a 100644
--- a/security/nss/lib/cryptohi/seckey.c
+++ b/security/nss/lib/cryptohi/seckey.c
@@ -514,10 +514,12 @@ seckey_UpdateCertPQGChain(CERTCertificate * subjectCert, int count)
(tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
(tag != SEC_OID_SDN702_DSA_SIGNATURE) &&
(tag != SEC_OID_ANSIX962_EC_PUBLIC_KEY) ) {
- return SECFailure;
+ rv = SECFailure;
+ goto loser;
}
} else {
- return SECFailure; /* return failure if oid is NULL */
+ rv = SECFailure; /* return failure if oid is NULL */
+ goto loser;
}
@@ -526,7 +528,10 @@ seckey_UpdateCertPQGChain(CERTCertificate * subjectCert, int count)
* pqg parameters with a recursive call to this same function. */
rv = seckey_UpdateCertPQGChain(issuerCert, count);
- if (rv != SECSuccess) return rv;
+ if (rv != SECSuccess) {
+ rv = SECFailure;
+ goto loser;
+ }
/* ensure issuer has pqg parameters */
@@ -544,6 +549,10 @@ seckey_UpdateCertPQGChain(CERTCertificate * subjectCert, int count)
&issuerSpki->algorithm.parameters);
}
+loser:
+ if (issuerCert) {
+ CERT_DestroyCertificate(issuerCert);
+ }
return rv;
}