| OLD | NEW |
| (Empty) |
| 1 Index: mozilla/security/nss/lib/ssl/ssl3ext.c | |
| 2 =================================================================== | |
| 3 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl3ext.c,v | |
| 4 retrieving revision 1.21 | |
| 5 diff -u -p -r1.21 ssl3ext.c | |
| 6 --- mozilla/security/nss/lib/ssl/ssl3ext.c 15 Feb 2012 21:52:08 -0000
1.21 | |
| 7 +++ mozilla/security/nss/lib/ssl/ssl3ext.c 10 Mar 2012 00:01:26 -0000 | |
| 8 @@ -592,10 +592,7 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSoc | |
| 9 unsigned char resultBuffer[255]; | |
| 10 SECItem result = { siBuffer, resultBuffer, 0 }; | |
| 11 | |
| 12 - if (ss->firstHsDone) { | |
| 13 - PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); | |
| 14 - return SECFailure; | |
| 15 - } | |
| 16 + PORT_Assert(!ss->firstHsDone); | |
| 17 | |
| 18 rv = ssl3_ValidateNextProtoNego(data->data, data->len); | |
| 19 if (rv != SECSuccess) | |
| 20 @@ -607,6 +604,8 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSoc | |
| 21 */ | |
| 22 PORT_Assert(ss->nextProtoCallback != NULL); | |
| 23 if (!ss->nextProtoCallback) { | |
| 24 + /* XXX Use a better error code. This is an application error, not an | |
| 25 + * NSS bug. */ | |
| 26 PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); | |
| 27 return SECFailure; | |
| 28 } | |
| 29 @@ -617,7 +616,7 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSoc | |
| 30 return rv; | |
| 31 /* If the callback wrote more than allowed to |result| it has corrupted our | |
| 32 * stack. */ | |
| 33 - if (result.len > sizeof result) { | |
| 34 + if (result.len > sizeof resultBuffer) { | |
| 35 PORT_SetError(SEC_ERROR_OUTPUT_LEN); | |
| 36 return SECFailure; | |
| 37 } | |
| 38 Index: mozilla/security/nss/lib/ssl/sslsock.c | |
| 39 =================================================================== | |
| 40 RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v | |
| 41 retrieving revision 1.82 | |
| 42 diff -u -p -r1.82 sslsock.c | |
| 43 --- mozilla/security/nss/lib/ssl/sslsock.c 15 Feb 2012 21:52:08 -0000
1.82 | |
| 44 +++ mozilla/security/nss/lib/ssl/sslsock.c 10 Mar 2012 00:01:26 -0000 | |
| 45 @@ -1303,7 +1303,7 @@ SSL_SetNextProtoCallback(PRFileDesc *fd, | |
| 46 return SECSuccess; | |
| 47 } | |
| 48 | |
| 49 -/* NextProtoStandardCallback is set as an NPN callback for the case when | |
| 50 +/* ssl_NextProtoNegoCallback is set as an NPN callback for the case when | |
| 51 * SSL_SetNextProtoNego is used. | |
| 52 */ | |
| 53 static SECStatus | |
| 54 @@ -1349,12 +1349,12 @@ pick_first: | |
| 55 result = ss->opt.nextProtoNego.data; | |
| 56 | |
| 57 found: | |
| 58 - *protoOutLen = result[0]; | |
| 59 if (protoMaxLen < result[0]) { | |
| 60 PORT_SetError(SEC_ERROR_OUTPUT_LEN); | |
| 61 return SECFailure; | |
| 62 } | |
| 63 memcpy(protoOut, result + 1, result[0]); | |
| 64 + *protoOutLen = result[0]; | |
| 65 return SECSuccess; | |
| 66 } | |
| 67 | |
| 68 @@ -1408,13 +1408,12 @@ SSL_GetNextProto(PRFileDesc *fd, SSLNext | |
| 69 | |
| 70 if (ss->ssl3.nextProtoState != SSL_NEXT_PROTO_NO_SUPPORT && | |
| 71 ss->ssl3.nextProto.data) { | |
| 72 - *bufLen = ss->ssl3.nextProto.len; | |
| 73 - if (*bufLen > bufLenMax) { | |
| 74 + if (ss->ssl3.nextProto.len > bufLenMax) { | |
| 75 PORT_SetError(SEC_ERROR_OUTPUT_LEN); | |
| 76 - *bufLen = 0; | |
| 77 return SECFailure; | |
| 78 } | |
| 79 PORT_Memcpy(buf, ss->ssl3.nextProto.data, ss->ssl3.nextProto.len); | |
| 80 + *bufLen = ss->ssl3.nextProto.len; | |
| 81 } else { | |
| 82 *bufLen = 0; | |
| 83 } | |
| OLD | NEW |