| Index: net/third_party/nss/patches/nextprotocleanup.patch
|
| ===================================================================
|
| --- net/third_party/nss/patches/nextprotocleanup.patch (revision 0)
|
| +++ net/third_party/nss/patches/nextprotocleanup.patch (revision 0)
|
| @@ -0,0 +1,83 @@
|
| +Index: mozilla/security/nss/lib/ssl/ssl3ext.c
|
| +===================================================================
|
| +RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl3ext.c,v
|
| +retrieving revision 1.21
|
| +diff -u -p -r1.21 ssl3ext.c
|
| +--- mozilla/security/nss/lib/ssl/ssl3ext.c 15 Feb 2012 21:52:08 -0000 1.21
|
| ++++ mozilla/security/nss/lib/ssl/ssl3ext.c 10 Mar 2012 00:01:26 -0000
|
| +@@ -592,10 +592,7 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSoc
|
| + unsigned char resultBuffer[255];
|
| + SECItem result = { siBuffer, resultBuffer, 0 };
|
| +
|
| +- if (ss->firstHsDone) {
|
| +- PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
|
| +- return SECFailure;
|
| +- }
|
| ++ PORT_Assert(!ss->firstHsDone);
|
| +
|
| + rv = ssl3_ValidateNextProtoNego(data->data, data->len);
|
| + if (rv != SECSuccess)
|
| +@@ -607,6 +604,8 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSoc
|
| + */
|
| + PORT_Assert(ss->nextProtoCallback != NULL);
|
| + if (!ss->nextProtoCallback) {
|
| ++ /* XXX Use a better error code. This is an application error, not an
|
| ++ * NSS bug. */
|
| + PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
|
| + return SECFailure;
|
| + }
|
| +@@ -617,7 +616,7 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSoc
|
| + return rv;
|
| + /* If the callback wrote more than allowed to |result| it has corrupted our
|
| + * stack. */
|
| +- if (result.len > sizeof result) {
|
| ++ if (result.len > sizeof resultBuffer) {
|
| + PORT_SetError(SEC_ERROR_OUTPUT_LEN);
|
| + return SECFailure;
|
| + }
|
| +Index: mozilla/security/nss/lib/ssl/sslsock.c
|
| +===================================================================
|
| +RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
|
| +retrieving revision 1.82
|
| +diff -u -p -r1.82 sslsock.c
|
| +--- mozilla/security/nss/lib/ssl/sslsock.c 15 Feb 2012 21:52:08 -0000 1.82
|
| ++++ mozilla/security/nss/lib/ssl/sslsock.c 10 Mar 2012 00:01:26 -0000
|
| +@@ -1303,7 +1303,7 @@ SSL_SetNextProtoCallback(PRFileDesc *fd,
|
| + return SECSuccess;
|
| + }
|
| +
|
| +-/* NextProtoStandardCallback is set as an NPN callback for the case when
|
| ++/* ssl_NextProtoNegoCallback is set as an NPN callback for the case when
|
| + * SSL_SetNextProtoNego is used.
|
| + */
|
| + static SECStatus
|
| +@@ -1349,12 +1349,12 @@ pick_first:
|
| + result = ss->opt.nextProtoNego.data;
|
| +
|
| + found:
|
| +- *protoOutLen = result[0];
|
| + if (protoMaxLen < result[0]) {
|
| + PORT_SetError(SEC_ERROR_OUTPUT_LEN);
|
| + return SECFailure;
|
| + }
|
| + memcpy(protoOut, result + 1, result[0]);
|
| ++ *protoOutLen = result[0];
|
| + return SECSuccess;
|
| + }
|
| +
|
| +@@ -1408,13 +1408,12 @@ SSL_GetNextProto(PRFileDesc *fd, SSLNext
|
| +
|
| + if (ss->ssl3.nextProtoState != SSL_NEXT_PROTO_NO_SUPPORT &&
|
| + ss->ssl3.nextProto.data) {
|
| +- *bufLen = ss->ssl3.nextProto.len;
|
| +- if (*bufLen > bufLenMax) {
|
| ++ if (ss->ssl3.nextProto.len > bufLenMax) {
|
| + PORT_SetError(SEC_ERROR_OUTPUT_LEN);
|
| +- *bufLen = 0;
|
| + return SECFailure;
|
| + }
|
| + PORT_Memcpy(buf, ss->ssl3.nextProto.data, ss->ssl3.nextProto.len);
|
| ++ *bufLen = ss->ssl3.nextProto.len;
|
| + } else {
|
| + *bufLen = 0;
|
| + }
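Review bot: In ssl3_ClientHandleNextProtoNegoXtn the first-handshake guard is now only `PORT_Assert(!ss->firstHsDone);`, which is compiled out of non-debug builds, so release builds no longer check at this point that the server's NPN extension arrives on the initial handshake. Unless the extension dispatcher already rejects an unsolicited NPN extension during renegotiation (not visible in these hunks), keep the runtime check after the assert, as the `nextProtoCallback` test a few lines below does: `if (ss->firstHsDone) { PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); return SECFailure; }`. If the invariant is enforced elsewhere, add a comment naming where. Separately, SSL_GetNextProto no longer writes `*bufLen` on the SEC_ERROR_OUTPUT_LEN path, so its header comment should state that the output length is left untouched on failure and must not be read by callers. Both function bodies start and end outside the hunks shown.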
|
|
|