ssl3_PlatformSignHashes should set buf->len to the...

net/third_party/nss/ssl/sslplatf.c

Index: net/third_party/nss/ssl/sslplatf.c
===================================================================
--- net/third_party/nss/ssl/sslplatf.c	(revision 65888)
+++ net/third_party/nss/ssl/sslplatf.c	(working copy)
@@ -260,7 +260,6 @@
         ssl_MapLowLevelError(SSL_ERROR_SIGN_HASHES_FAILURE);
         goto done;
     }
-    buf->len  = signatureLen;
     buf->data = (unsigned char *)PORT_Alloc(signatureLen);
     if (!buf->data)
         goto done;    /* error code was set. */
@@ -270,6 +269,7 @@
         ssl_MapLowLevelError(SSL_ERROR_SIGN_HASHES_FAILURE);
         goto done;
     }
+    buf->len = signatureLen;
 
     /* CryptoAPI signs in little-endian, so reverse */
     for (i = 0; i < buf->len / 2; ++i) {
@@ -424,7 +424,6 @@
         goto done;
     }
 
-    buf->len  = signatureLen;
     buf->data = (unsigned char *)PORT_Alloc(signatureLen);
     if (!buf->data)
         goto done;    /* error code was set. */
@@ -462,7 +461,7 @@
         goto done;
     }
 
-    signatureData.Length = buf->len;
+    signatureData.Length = signatureLen;
     signatureData.Data   = (uint8*)buf->data;
     
     cssmRv = CSSM_CSP_CreateSignatureContext(cspHandle, sigAlg, cssmCreds,
@@ -492,6 +491,7 @@
         ssl_MapLowLevelError(SSL_ERROR_SIGN_HASHES_FAILURE);
         goto done;
     }
+    buf->len = signatureData.Length;
 
     if (doDerEncode) {
         SECItem derSig = {siBuffer, NULL, 0};