diff options
author | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-06-08 10:53:01 +0000 |
---|---|---|
committer | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-06-08 10:53:01 +0000 |
commit | f95d45c36e7c7131747259956821d844e8952e5d (patch) | |
tree | eee14f8b212c48f8597c2a4927a167fcc3a15ea5 /nss/lib/softoken/legacydb/pcertdb.c | |
parent | dc1565216a5d20ae0d75872151523252309a1292 (diff) | |
download | nss-f95d45c36e7c7131747259956821d844e8952e5d.tar.gz |
Diffstat (limited to 'nss/lib/softoken/legacydb/pcertdb.c')
-rw-r--r-- | nss/lib/softoken/legacydb/pcertdb.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/nss/lib/softoken/legacydb/pcertdb.c b/nss/lib/softoken/legacydb/pcertdb.c index 65da516..f1444bf 100644 --- a/nss/lib/softoken/legacydb/pcertdb.c +++ b/nss/lib/softoken/legacydb/pcertdb.c @@ -733,6 +733,12 @@ DecodeDBCertEntry(certDBEntryCert *entry, SECItem *dbentry) entry->derCert.len += lenoff; } + /* Is data long enough? */ + if (dbentry->len < headerlen + entry->derCert.len) { + PORT_SetError(SEC_ERROR_BAD_DATABASE); + goto loser; + } + /* copy the dercert */ entry->derCert.data = pkcs11_copyStaticData(&dbentry->data[headerlen], entry->derCert.len, entry->derCertSpace, sizeof(entry->derCertSpace)); @@ -743,6 +749,11 @@ DecodeDBCertEntry(certDBEntryCert *entry, SECItem *dbentry) /* copy the nickname */ if (nnlen > 1) { + /* Is data long enough? */ + if (dbentry->len < headerlen + entry->derCert.len + nnlen) { + PORT_SetError(SEC_ERROR_BAD_DATABASE); + goto loser; + } entry->nickname = (char *)pkcs11_copyStaticData( &dbentry->data[headerlen + entry->derCert.len], nnlen, (unsigned char *)entry->nicknameSpace, |