Check X509Certificate::CreateFromHandle result.

net/cert/cert_verify_proc_mac.cc

Index: net/cert/cert_verify_proc_mac.cc
diff --git a/net/cert/cert_verify_proc_mac.cc b/net/cert/cert_verify_proc_mac.cc
index f31e4023b195faf719dd72be9414c052f9dcce6a..c0b84a165f8308952b410335151466de59843fa3 100644
--- a/net/cert/cert_verify_proc_mac.cc
+++ b/net/cert/cert_verify_proc_mac.cc
@@ -180,7 +180,7 @@ OSStatus CreateTrustPolicies(int flags, ScopedCFTypeRef<CFArrayRef>* policies) {
 
 // Stores the constructed certificate chain |cert_chain| into
 // |*verify_result|. |cert_chain| must not be empty.
-void CopyCertChainToVerifyResult(CFArrayRef cert_chain,
+bool CopyCertChainToVerifyResult(CFArrayRef cert_chain,
                                  CertVerifyResult* verify_result) {
   DCHECK_LT(0, CFArrayGetCount(cert_chain));
 
@@ -197,11 +197,15 @@ void CopyCertChainToVerifyResult(CFArrayRef cert_chain,
   }
   if (!verified_cert) {
     NOTREACHED();
-    return;
+    return false;
   }
 
-  verify_result->verified_cert =
+  scoped_refptr<X509Certificate> verified_cert_with_chain =
       X509Certificate::CreateFromHandle(verified_cert, verified_chain);
+  if (!verified_cert_with_chain)
+    return false;
+  verify_result->verified_cert = std::move(verified_cert_with_chain);
+  return true;
 }
 
 // Returns true if the certificate uses MD2, MD4, MD5, or SHA1, and false
@@ -894,7 +898,8 @@ int VerifyWithGivenFlags(X509Certificate* cert,
     verify_result->cert_status |= CERT_STATUS_REVOKED;
 
   if (CFArrayGetCount(completed_chain) > 0) {
-    CopyCertChainToVerifyResult(completed_chain, verify_result);
+    if (!CopyCertChainToVerifyResult(completed_chain, verify_result))
+      verify_result->cert_status |= CERT_STATUS_INVALID;
   }
 
   // As of Security Update 2012-002/OS X 10.7.4, when an RSA key < 1024 bits