authorTim Taubert <ttaubert@mozilla.com>2016-04-22 12:10:37 +0200
committerTim Taubert <ttaubert@mozilla.com>2016-04-22 12:10:37 +0200
commit8ed81e669c9dbea5b61ce2fc8fc3a99d819334e2 (patch)
tree2b5173cc346fb741313527c32dc866478b30646f
parente9a1f0052323ac6c83b094a514c873e0c6463c24 (diff)
downloadnss-hg-8ed81e669c9dbea5b61ce2fc8fc3a99d819334e2.tar.gz
Bug 1211543 - Don't call SECKEY_DestroyPrivateKeyInfo() for PrivateKeyInfo structures with a zero-length octet string r=franziskus
-rw-r--r--lib/pk11wrap/pk11pk12.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/pk11wrap/pk11pk12.c b/lib/pk11wrap/pk11pk12.c
index e5a0a21cf..7e1ce0d47 100644
--- a/lib/pk11wrap/pk11pk12.c
+++ b/lib/pk11wrap/pk11pk12.c
@@ -233,10 +233,12 @@ PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, SECItem *derPKI,
rv = SEC_ASN1DecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate,
derPKI);
- if( rv != SECSuccess ) {
+ if (rv != SECSuccess || pki->privateKey.data == NULL) {
/* If SEC_ASN1DecodeItem fails, we cannot assume anything about the
* validity of the data in pki. The best we can do is free the arena
- * and return.
+ * and return. Do the same if SECKEYPrivateKeyInfo.privateKey is a
+ * zero-length octet string (i.e. NULL) to avoid trying to zero the
+ * corresponding SECItem.
*/
PORT_FreeArena(temparena, PR_TRUE);
return rv;
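Review bot: When the decode succeeds but `pki->privateKey.data == NULL`, `rv` is still `SECSuccess`, so the `return rv;` at the end of this branch reports a successful import even though no key was imported. A caller that checks only the return status would then go on to use a key handle that was presumably never set; the rest of the function and its callers are outside this hunk, so that part is inferred. The empty-key case should fail explicitly, for example by adding `if (rv == SECSuccess) { PORT_SetError(SEC_ERROR_BAD_KEY); rv = SECFailure; }` before `return rv;`, or by splitting it into its own branch that returns `SECFailure`. The comment would then need to say that a zero-length privateKey is rejected as a bad key, not only that the arena is freed.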