diff options
author | wtchang%redhat.com <devnull@localhost> | 2005-01-04 22:00:01 +0000 |
---|---|---|
committer | wtchang%redhat.com <devnull@localhost> | 2005-01-04 22:00:01 +0000 |
commit | 4d45c330272e04713b131fdc4cec641dd4d7c0c2 (patch) | |
tree | 611c3f0b2ad2e2d2ca47243fd1d2b6586cbb4828 /security/nss/lib/pk11wrap/pk11cxt.c | |
parent | 189a2e69ede1fce42311a40b4b0fb5bced3d27fd (diff) | |
download | nss-hg-4d45c330272e04713b131fdc4cec641dd4d7c0c2.tar.gz |
Bugzilla Bug 276180: defend against invalid arguments to PK11_HashBuf
and PK11_DigestOp. r=nelsonb.
Diffstat (limited to 'security/nss/lib/pk11wrap/pk11cxt.c')
-rw-r--r-- | security/nss/lib/pk11wrap/pk11cxt.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/security/nss/lib/pk11wrap/pk11cxt.c b/security/nss/lib/pk11wrap/pk11cxt.c index f0c41d052..4428fda9b 100644 --- a/security/nss/lib/pk11wrap/pk11cxt.c +++ b/security/nss/lib/pk11wrap/pk11cxt.c @@ -624,6 +624,12 @@ PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, unsigned char *in, unsigned int out_length; SECStatus rv; + /* len will be passed to PK11_DigestOp as unsigned. */ + if (len < 0) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + context = PK11_CreateDigestContext(hashAlg); if (context == NULL) return SECFailure; @@ -771,6 +777,11 @@ PK11_DigestOp(PK11Context *context, const unsigned char * in, unsigned inLen) CK_RV crv = CKR_OK; SECStatus rv = SECSuccess; + if (!in) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + /* if we ran out of session, we need to restore our previously stored * state. */ |