diff options
Diffstat (limited to 'security/nss/lib/pki/pkibase.c')
-rw-r--r-- | security/nss/lib/pki/pkibase.c | 60 |
1 files changed, 53 insertions, 7 deletions
diff --git a/security/nss/lib/pki/pkibase.c b/security/nss/lib/pki/pkibase.c index 8b7e95a2b..a06668cf6 100644 --- a/security/nss/lib/pki/pkibase.c +++ b/security/nss/lib/pki/pkibase.c @@ -145,6 +145,23 @@ nssPKIObject_AddInstance for (i=0; i<object->numInstances; i++) { if (nssCryptokiObject_Equal(object->instances[i], instance)) { PZ_Unlock(object->lock); + if (instance->label) { + if (!object->instances[i]->label || + !nssUTF8_Equal(instance->label, + object->instances[i]->label, NULL)) + { + /* Either the old instance did not have a label, + * or the label has changed. + */ + nss_ZFreeIf(object->instances[i]->label); + object->instances[i]->label = instance->label; + instance->label = NULL; + } + } else if (object->instances[i]->label) { + /* The old label was removed */ + nss_ZFreeIf(object->instances[i]->label); + object->instances[i]->label = NULL; + } nssCryptokiObject_Destroy(instance); return PR_SUCCESS; } @@ -360,7 +377,9 @@ nssCertificateArray_Destroy #ifdef NSS_3_4_CODE if ((*certp)->decoding) { CERTCertificate *cc = STAN_GetCERTCertificate(*certp); - CERT_DestroyCertificate(cc); + if (cc) { + CERT_DestroyCertificate(cc); + } continue; } #endif @@ -823,6 +842,17 @@ loser: return PR_FAILURE; } +static void +nssPKIObjectCollection_RemoveNode +( + nssPKIObjectCollection *collection, + pkiObjectCollectionNode *node +) +{ + PR_REMOVE_LINK(&node->link); + collection->size--; +} + static PRStatus nssPKIObjectCollection_GetObjects ( @@ -834,13 +864,16 @@ nssPKIObjectCollection_GetObjects PRUint32 i = 0; PRCList *link = PR_NEXT_LINK(&collection->head); pkiObjectCollectionNode *node; - while (link != &collection->head) { + while ((i < rvSize) && (link != &collection->head)) { node = (pkiObjectCollectionNode *)link; if (!node->haveObject) { /* Convert the proto-object to an object */ node->object = (*collection->createObject)(node->object); if (!node->object) { - return PR_FAILURE; + link = PR_NEXT_LINK(link); + /*remove bogus object from list*/ + nssPKIObjectCollection_RemoveNode(collection,node); + continue; } node->haveObject = PR_TRUE; } @@ -865,7 +898,10 @@ nssPKIObjectCollection_Traverse if (!node->haveObject) { node->object = (*collection->createObject)(node->object); if (!node->object) { - return PR_FAILURE; + link = PR_NEXT_LINK(link); + /*remove bogus object from list*/ + nssPKIObjectCollection_RemoveNode(collection,node); + continue; } node->haveObject = PR_TRUE; } @@ -906,6 +942,11 @@ nssPKIObjectCollection_AddInstanceAsObject } if (!node->haveObject) { node->object = (*collection->createObject)(node->object); + if (!node->object) { + /*remove bogus object from list*/ + nssPKIObjectCollection_RemoveNode(collection,node); + return PR_FAILURE; + } node->haveObject = PR_TRUE; } #ifdef NSS_3_4_CODE @@ -932,8 +973,10 @@ cert_destroyObject(nssPKIObject *o) #ifdef NSS_3_4_CODE if (c->decoding) { CERTCertificate *cc = STAN_GetCERTCertificate(c); - CERT_DestroyCertificate(cc); - return; + if (cc) { + CERT_DestroyCertificate(cc); + return; + } /* else destroy it as NSSCertificate below */ } #endif nssCertificate_Destroy(c); @@ -1002,7 +1045,10 @@ cert_createObject(nssPKIObject *o) NSSCertificate *cert; cert = nssCertificate_Create(o); #ifdef NSS_3_4_CODE - (void)STAN_GetCERTCertificate(cert); + if (STAN_GetCERTCertificate(cert) == NULL) { + nssCertificate_Destroy(cert); + return (nssPKIObject *)NULL; + } /* In 3.4, have to maintain uniqueness of cert pointers by caching all * certs. Cache the cert here, before returning. If it is already * cached, take the cached entry. |