net: retain leading zero bytes in X.509 serial numbers.

net/base/x509_certificate_unittest.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/path_service.h"
 #include "base/pickle.h"
 #include "base/sha1.h"
 #include "base/string_number_conversions.h"
@@ skipping 411 matching lines @@
   EXPECT_TRUE(memcmp(google_cert->serial_number().data(), google_serial,
                      sizeof(google_serial)) == 0);
 
   // We also want to check a serial number where the first byte is >= 0x80 in
   // case the underlying library tries to pad it.
   scoped_refptr<X509Certificate> paypal_null_cert(
       X509Certificate::CreateFromBytes(
           reinterpret_cast<const char*>(paypal_null_der),
           sizeof(paypal_null_der)));
 
-  static const uint8 paypal_null_serial[2] = {0xf0, 0x9b};
+  static const uint8 paypal_null_serial[3] = {0x00, 0xf0, 0x9b};
   ASSERT_EQ(sizeof(paypal_null_serial),
             paypal_null_cert->serial_number().size());
   EXPECT_TRUE(memcmp(paypal_null_cert->serial_number().data(),
                      paypal_null_serial, sizeof(paypal_null_serial)) == 0);
 }
 
 // A regression test for http://crbug.com/31497.
 // This certificate will expire on 2012-04-08.
 TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) {
   FilePath certs_dir = GetTestCertsDirectory();
@@ skipping 1011 matching lines @@
   }
 
   EXPECT_EQ(test_data.expected, X509Certificate::VerifyHostname(
       test_data.hostname, common_name, dns_names, ip_addressses));
 }
 
 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest,
                         testing::ValuesIn(kNameVerifyTestData));
 
 }  // namespace net