Check X509Certificate::CreateFromHandle result.

net/cert/cert_verify_proc_mac.cc

Index: net/cert/cert_verify_proc_mac.cc
diff --git a/net/cert/cert_verify_proc_mac.cc b/net/cert/cert_verify_proc_mac.cc
index f31e4023b195faf719dd72be9414c052f9dcce6a..2aa6226bdfb87d7ffba16e6e14877027c7375808 100644
--- a/net/cert/cert_verify_proc_mac.cc
+++ b/net/cert/cert_verify_proc_mac.cc
@@ -180,7 +180,7 @@ OSStatus CreateTrustPolicies(int flags, ScopedCFTypeRef<CFArrayRef>* policies) {
 
 // Stores the constructed certificate chain |cert_chain| into
 // |*verify_result|. |cert_chain| must not be empty.
-void CopyCertChainToVerifyResult(CFArrayRef cert_chain,
+bool CopyCertChainToVerifyResult(CFArrayRef cert_chain,
                                  CertVerifyResult* verify_result) {
   DCHECK_LT(0, CFArrayGetCount(cert_chain));
 
@@ -197,11 +197,12 @@ void CopyCertChainToVerifyResult(CFArrayRef cert_chain,
   }
   if (!verified_cert) {
     NOTREACHED();
-    return;
+    return false;
   }
 
   verify_result->verified_cert =
       X509Certificate::CreateFromHandle(verified_cert, verified_chain);
+  return !!verify_result->verified_cert;
 }
 
 // Returns true if the certificate uses MD2, MD4, MD5, or SHA1, and false
@@ -894,7 +895,8 @@ int VerifyWithGivenFlags(X509Certificate* cert,
     verify_result->cert_status |= CERT_STATUS_REVOKED;
 
   if (CFArrayGetCount(completed_chain) > 0) {
-    CopyCertChainToVerifyResult(completed_chain, verify_result);
+    if (!CopyCertChainToVerifyResult(completed_chain, verify_result))
+      return ERR_CERT_INVALID;

[eroman, 2017/03/22 22:17:52]

same question about cert_status throughout.

[mattm, 2017/03/23 22:59:02]

Acknowledged.

   }
 
   // As of Security Update 2012-002/OS X 10.7.4, when an RSA key < 1024 bits