diff options
author | ian.mcgreer%sun.com <devnull@localhost> | 2003-04-17 17:05:09 +0000 |
---|---|---|
committer | ian.mcgreer%sun.com <devnull@localhost> | 2003-04-17 17:05:09 +0000 |
commit | eb83618dd312ae6971dadf39a0aa27038caee1de (patch) | |
tree | e5767bf96d9d177a19d66d8d61b6c9319601d4d0 /security/nss/lib | |
parent | db11c3e6a1b4e2abb69543ee5ff25894527300cb (diff) | |
download | nss-hg-eb83618dd312ae6971dadf39a0aa27038caee1de.tar.gz |
bug 198452, zero-byte memcpys
r=relyea
Diffstat (limited to 'security/nss/lib')
-rw-r--r-- | security/nss/lib/pk11wrap/pk11skey.c | 15 | ||||
-rw-r--r-- | security/nss/lib/softoken/pkcs11c.c | 14 |
2 files changed, 23 insertions, 6 deletions
diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c index 430b40f3e..ff9bfd32d 100644 --- a/security/nss/lib/pk11wrap/pk11skey.c +++ b/security/nss/lib/pk11wrap/pk11skey.c @@ -60,6 +60,8 @@ #define PAIRWISE_DIGEST_LENGTH SHA1_LENGTH /* 160-bits */ #define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */ +static const SECItem pk11_null_params = { 0 }; + /* forward static declarations. */ static PK11SymKey *pk11_DeriveWithTemplate(PK11SymKey *baseKey, CK_MECHANISM_TYPE derive, SECItem *param, CK_MECHANISM_TYPE target, @@ -3440,7 +3442,8 @@ PK11_DestroyContext(PK11Context *context, PRBool freeit) /* initialize the critical fields of the context */ if (context->savedData != NULL ) PORT_Free(context->savedData); if (context->key) PK11_FreeSymKey(context->key); - if (context->param) SECITEM_FreeItem(context->param, PR_TRUE); + if (context->param && context->param != &pk11_null_params) + SECITEM_FreeItem(context->param, PR_TRUE); if (context->sessionLock) PZ_DestroyLock(context->sessionLock); PK11_FreeSlot(context->slot); if (freeit) PORT_Free(context); @@ -3635,7 +3638,15 @@ static PK11Context *pk11_CreateNewContextInSlot(CK_MECHANISM_TYPE type, /* save the parameters so that some digesting stuff can do multiple * begins on a single context */ context->type = type; - context->param = SECITEM_DupItem(param); + if (param) { + if (param->len > 0) { + context->param = SECITEM_DupItem(param); + } else { + context->param = (SECItem *)&pk11_null_params; + } + } else { + context->param = NULL; + } context->init = PR_FALSE; context->sessionLock = PZ_NewLock(nssILockPK11cxt); if ((context->param == NULL) || (context->sessionLock == NULL)) { diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index 82da04d16..604071159 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -4481,14 +4481,20 @@ CK_RV NSC_DeriveKey( CK_SESSION_HANDLE hSession, /* ** client_write_IV[CipherSpec.IV_size] */ - PORT_Memcpy(ssl3_keys_out->pIVClient, &key_block[i], IVSize); - i += IVSize; + if (IVSize > 0) { + PORT_Memcpy(ssl3_keys_out->pIVClient, + &key_block[i], IVSize); + i += IVSize; + } /* ** server_write_IV[CipherSpec.IV_size] */ - PORT_Memcpy(ssl3_keys_out->pIVServer, &key_block[i], IVSize); - i += IVSize; + if (IVSize > 0) { + PORT_Memcpy(ssl3_keys_out->pIVServer, + &key_block[i], IVSize); + i += IVSize; + } PORT_Assert(i <= sizeof key_block); } else if (!isTLS) { |