1 files changed, 14 insertions, 7 deletions

diff --git a/nss/lib/certdb/alg1485.c b/nss/lib/certdb/alg1485.c
index b6736c4..38b2fe4 100644
--- a/nss/lib/certdb/alg1485.c
+++ b/nss/lib/certdb/alg1485.c
@@ -341,13 +341,16 @@ hexToBin(PLArenaPool* pool, SECItem* destItem, const char* src, int len)
         goto loser;
     }
     len >>= 1;
-    if (!SECITEM_AllocItem(pool, destItem, len))
+    if (!SECITEM_AllocItem(pool, destItem, len)) {
         goto loser;
+    }
     dest = destItem->data;
     for (; len > 0; len--, src += 2) {
-        PRInt16 bin = (x2b[(PRUint8)src[0]] << 4) | x2b[(PRUint8)src[1]];
-        if (bin < 0)
+        PRUint16 bin = ((PRUint16)x2b[(PRUint8)src[0]] << 4);
+        bin |= (PRUint16)x2b[(PRUint8)src[1]];
+        if (bin >> 15) { /* is negative */
             goto loser;
+        }
         *dest++ = (PRUint8)bin;
     }
     return SECSuccess;
@@ -372,6 +375,7 @@ ParseRFC1485AVA(PLArenaPool* arena, const char** pbp, const char* endptr)
     const char* bp;
     int vt = -1;
     int valLen;
+    PRBool isDottedOid = PR_FALSE;
     SECOidTag kind = SEC_OID_UNKNOWN;
     SECStatus rv = SECFailure;
     SECItem derOid = { 0, NULL, 0 };
@@ -398,8 +402,9 @@ ParseRFC1485AVA(PLArenaPool* arena, const char** pbp, const char* endptr)
     }
 
     /* is this a dotted decimal OID attribute type ? */
-    if (!PL_strncasecmp("oid.", tagBuf, 4)) {
+    if (!PL_strncasecmp("oid.", tagBuf, 4) || isdigit(tagBuf[0])) {
         rv = SEC_StringToOID(arena, &derOid, tagBuf, strlen(tagBuf));
+        isDottedOid = (PRBool)(rv == SECSuccess);
     } else {
         for (n2k = name2kinds; n2k->name; n2k++) {
             SECOidData* oidrec;
@@ -425,8 +430,6 @@ ParseRFC1485AVA(PLArenaPool* arena, const char** pbp, const char* endptr)
             goto loser;
         a = CERT_CreateAVAFromRaw(arena, &derOid, &derVal);
     } else {
-        if (kind == SEC_OID_UNKNOWN)
-            goto loser;
         if (kind == SEC_OID_AVA_COUNTRY_NAME && valLen != 2)
             goto loser;
         if (vt == SEC_ASN1_PRINTABLE_STRING &&
@@ -442,7 +445,11 @@ ParseRFC1485AVA(PLArenaPool* arena, const char** pbp, const char* endptr)
 
         derVal.data = (unsigned char*)valBuf;
         derVal.len = valLen;
-        a = CERT_CreateAVAFromSECItem(arena, kind, vt, &derVal);
+        if (kind == SEC_OID_UNKNOWN && isDottedOid) {
+            a = CERT_CreateAVAFromRaw(arena, &derOid, &derVal);
+        } else {
+            a = CERT_CreateAVAFromSECItem(arena, kind, vt, &derVal);
+        }
     }
     return a;