Bug 572289: SEC_ASN1EncodeInteger cannot correctly encode some positive

integer values. r=nelson. Tag: NSS_3_12_BRANCH
author: wtc%google.com <devnull@localhost> 2011-01-13 00:26:57 +0000
committer: wtc%google.com <devnull@localhost> 2011-01-13 00:26:57 +0000
commit: 7be65c82cf37dbfa704e9722f1c69851580f212e (patch)
tree: 58fcdf1b0525c088fdc6928a46602e6a4f295afe /security/nss
parent: 26e38d3e029b6201bc777a9d9c780a36b6ed57fc (diff)
download: nss-hg-7be65c82cf37dbfa704e9722f1c69851580f212e.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/security/nss/lib/util/secasn1e.c b/security/nss/lib/util/secasn1e.c
index 2300060df..9283b1758 100644
--- a/security/nss/lib/util/secasn1e.c
+++ b/security/nss/lib/util/secasn1e.c
@@ -1587,7 +1587,7 @@ SEC_ASN1EncodeItem (PRArenaPool *poolp, SECItem *dest, const void *src,
 
 static SECItem *
 sec_asn1e_integer(PRArenaPool *poolp, SECItem *dest, unsigned long value,
-		  PRBool make_unsigned)
+		  PRBool is_unsigned)
 {
     unsigned long copy;
     unsigned char sign;
@@ -1604,11 +1604,11 @@ sec_asn1e_integer(PRArenaPool *poolp, SECItem *dest, unsigned long value,
     } while (copy);
 
     /*
-     * If this is an unsigned encoding, and the high bit of the last
+     * If 'value' is non-negative, and the high bit of the last
      * byte we counted was set, we need to add one to the length so
      * we put a high-order zero byte in the encoding.
      */
-    if (sign && make_unsigned)
+    if (sign && (is_unsigned || (long)value >= 0))
 	len++;
 
     /*
author	wtc%google.com <devnull@localhost>	2011-01-13 00:26:57 +0000
committer	wtc%google.com <devnull@localhost>	2011-01-13 00:26:57 +0000
commit	7be65c82cf37dbfa704e9722f1c69851580f212e (patch)
tree	58fcdf1b0525c088fdc6928a46602e6a4f295afe /security/nss
parent	26e38d3e029b6201bc777a9d9c780a36b6ed57fc (diff)
download	nss-hg-7be65c82cf37dbfa704e9722f1c69851580f212e.tar.gz