diff options
author | jpierre%netscape.com <devnull@localhost> | 2004-01-28 23:25:47 +0000 |
---|---|---|
committer | jpierre%netscape.com <devnull@localhost> | 2004-01-28 23:25:47 +0000 |
commit | 25b7289001682bf409b5953ba79fa4c5d95c5b5a (patch) | |
tree | c7bbb70d07cc91e94463ed629f62d6c9fb8726e6 /security/nss/lib | |
parent | f8e549cf03dfa7596e4aa9b5bea3f883e6d0ff14 (diff) | |
download | nss-hg-25b7289001682bf409b5953ba79fa4c5d95c5b5a.tar.gz |
Fix for 232377. vfychain asserts on DSA cert. r=wtc, nelsonb
Diffstat (limited to 'security/nss/lib')
-rw-r--r-- | security/nss/lib/cryptohi/seckey.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c index d1b3f6a05..b9cebc80a 100644 --- a/security/nss/lib/cryptohi/seckey.c +++ b/security/nss/lib/cryptohi/seckey.c @@ -514,10 +514,12 @@ seckey_UpdateCertPQGChain(CERTCertificate * subjectCert, int count) (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) && (tag != SEC_OID_SDN702_DSA_SIGNATURE) && (tag != SEC_OID_ANSIX962_EC_PUBLIC_KEY) ) { - return SECFailure; + rv = SECFailure; + goto loser; } } else { - return SECFailure; /* return failure if oid is NULL */ + rv = SECFailure; /* return failure if oid is NULL */ + goto loser; } @@ -526,7 +528,10 @@ seckey_UpdateCertPQGChain(CERTCertificate * subjectCert, int count) * pqg parameters with a recursive call to this same function. */ rv = seckey_UpdateCertPQGChain(issuerCert, count); - if (rv != SECSuccess) return rv; + if (rv != SECSuccess) { + rv = SECFailure; + goto loser; + } /* ensure issuer has pqg parameters */ @@ -544,6 +549,10 @@ seckey_UpdateCertPQGChain(CERTCertificate * subjectCert, int count) &issuerSpki->algorithm.parameters); } +loser: + if (issuerCert) { + CERT_DestroyCertificate(issuerCert); + } return rv; } |