| Index: mozilla/security/nss/lib/util/dersubr.c
|
| ===================================================================
|
| --- mozilla/security/nss/lib/util/dersubr.c (revision 158129)
|
| +++ mozilla/security/nss/lib/util/dersubr.c (working copy)
|
| @@ -184,6 +184,12 @@
|
| unsigned long overflow = 0x1ffUL << (((sizeof(ival) - 1) * 8) - 1);
|
| unsigned long ofloinit;
|
|
|
| + PORT_Assert(len);
|
| + if (!len) {
|
| + PORT_SetError(SEC_ERROR_INPUT_LEN);
|
| + return 0;
|
| + }
|
| +
|
| if (*cp & 0x80)
|
| ival = -1L;
|
| ofloinit = ival & overflow;
|
| @@ -205,7 +211,7 @@
|
|
|
| /*
|
| ** Convert a der encoded *unsigned* integer into a machine integral value.
|
| -** If an underflow/overflow occurs, sets error code and returns min/max.
|
| +** If an overflow occurs, sets error code and returns max.
|
| */
|
| unsigned long
|
| DER_GetUInteger(SECItem *it)
|
| @@ -215,6 +221,12 @@
|
| unsigned char *cp = it->data;
|
| unsigned long overflow = 0xffUL << ((sizeof(ival) - 1) * 8);
|
|
|
| + PORT_Assert(len);
|
| + if (!len) {
|
| + PORT_SetError(SEC_ERROR_INPUT_LEN);
|
| + return 0;
|
| + }
|
| +
|
| /* Cannot put a negative value into an unsigned container. */
|
| if (*cp & 0x80) {
|
| PORT_SetError(SEC_ERROR_BAD_DER);
|
|
|
Chromium Code Reviews
Issue 10961060:
Update NSS to NSS 3.14 Beta 1. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/