author | jpierre%netscape.com <devnull@localhost> | 2002-05-15 23:59:40 +0000 |
---|---|---|
committer | jpierre%netscape.com <devnull@localhost> | 2002-05-15 23:59:40 +0000 |
commit | 3b3d96a7c948664fd199ddcfed4f0eaa6730932c (patch) | |
tree | c77c7b630a21eaf7fe3ac8ae7cb95b512a240993 /security/nss/lib | |
parent | 6a97184f092d1bd7a50bb9a0803bd8de20111811 (diff) | |
download | nss-hg-3b3d96a7c948664fd199ddcfed4f0eaa6730932c.tar.gz |
Fix for 141256 - correct HTTP parsing for OCSP in NSS
Diffstat (limited to 'security/nss/lib')
-rw-r--r-- | security/nss/lib/certhigh/ocsp.c | 28 |
1 files changed, 6 insertions, 22 deletions
diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
index 4d4c549ac..6afa26b59 100644
--- a/security/nss/lib/certhigh/ocsp.c
+++ b/security/nss/lib/certhigh/ocsp.c
@@ -1490,6 +1490,9 @@ ocsp_GetResponseSignature(CERTOCSPResponse *response)
 ocspBasicOCSPResponse *basic;
 PORT_Assert(response != NULL);
+ if (NULL == response->responseBytes) {
+ return NULL;
+ }
 PORT_Assert(response->responseBytes != NULL);
 PORT_Assert(response->responseBytes->responseTypeTag == SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
@@ -1515,7 +1518,7 @@ CERT_DestroyOCSPResponse(CERTOCSPResponse *response)
 {
 if (response != NULL) {
 ocspSignature *signature = ocsp_GetResponseSignature(response);
- if (signature->cert != NULL)
+ if (signature && signature->cert != NULL)
 CERT_DestroyCertificate(signature->cert);
 /*
@@ -1853,7 +1856,8 @@ ocsp_GetEncodedResponse(PRArenaPool *arena, PRFileDesc *sock)
 bufsize = OCSP_BUFSIZE;
- buf = PORT_Alloc(bufsize);
+ buf = PORT_Alloc(bufsize+1);
+ buf[bufsize] = 0; /* NULL termination so string functions are OK */
 if (buf == NULL) {
 goto loser;
 }
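Review bot: ocsp_GetResponseSignature can now return NULL, but nothing at the function says so; add a header comment such as `/* Returns NULL when the response carries no responseBytes. */` and audit the callers that are not part of this diff, since only CERT_DestroyOCSPResponse (next hunk) is updated to test the result. The retained `PORT_Assert(response->responseBytes != NULL);` directly after the new early return can no longer fire and should be dropped. The `responseTypeTag` check is still only a PORT_Assert, which is presumably compiled out of optimized builds, so a response of another type is not rejected on that path. The function starts and ends outside the hunk.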
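Review bot: In ocsp_GetEncodedResponse the added `buf[bufsize] = 0;` executes before the `if (buf == NULL)` check, so a failed PORT_Alloc is written through instead of reaching `loser`; the store should move below the check, i.e. `if (buf == NULL) { goto loser; }` followed by `buf[bufsize] = 0;`. The terminator also sits at the end of the allocation, not at the end of the bytes actually received, so string functions run on a short response could still scan uninitialized heap between the data and `buf[bufsize]`; zeroing the buffer (`PORT_ZAlloc(bufsize+1)`) or writing the terminator at `bufEnd` after each read would close that, and it matters more because the last hunk of this commit removes the 40-byte refill guard. The comment should read `/* NUL termination so string functions are OK */`. The rest of the function, including any later reads into `buf`, is outside the hunk, so whether the terminator is maintained there cannot be confirmed from this page.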
@@ -2015,26 +2019,6 @@ ocsp_GetEncodedResponse(PRArenaPool *arena, PRFileDesc *sock)
 continue;
 }
 /*
- * So, we have a good newline pointer (just past a CR, LF or CRLF),
- * but now we want to make sure that what it points to is long
- * enough to be something we are looking for. If it isn't, add
- * more to the buffer after first copying what's left to the
- * beginning.
- */
- if (((char *)bufEnd - newline) < 40) {
- len = (char *)bufEnd - newline;
- PORT_Memmove(buf, newline, len);
- bytesRead = ocsp_MinMaxRead(sock, buf + len, 40 - len,
- bufsize - len);
- if (bytesRead <= 0) {
- if (bytesRead == 0)
- PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- goto loser;
- }
- newline = (char *)buf;
- bufEnd = buf + len + bytesRead;
- }
- /*
 * Okay, now we know that we are looking at an HTTP header line
 * with enough length to be safe for our comparisons. See if it is
 * one of the ones we are interested in. (That is, "Content-Length" |