roytam1/basilisk55
1
0
Fork 0
mirror of https://github.com/roytam1/basilisk55.git synced 2026-05-26 05:02:25 +00:00
Code Issues Projects Releases Wiki Activity

import from UXP: Bug 2029818 - avoid refcount over-release in CERT_CertChainFromCert error path. (62d731d2)

Browse Source
This commit is contained in:
roytam1
2026-05-26 10:18:23 +08:00
parent 8bc7cd06a2
commit 60c2cf3807
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
security/nss/lib/certhigh/certhigh.c
+5 -4
View File
@@ -1035,7 +1035,7 @@ CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
NSSCertificate *stanCert;
PLArenaPool *arena;
NSSUsage nssUsage;
int i, len;
int i = 0, len;
NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
NSSCryptoContext *cc = STAN_GetDefaultCryptoContext();
@@ -1072,7 +1072,6 @@ CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
chain->certs = (SECItem *)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
if (!chain->certs)
goto loser;
i = 0;
stanCert = stanChain[i];
while (stanCert) {
SECItem derCert;
@@ -1084,7 +1083,7 @@ CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
derCert.data = (unsigned char *)stanCert->encoding.data;
derCert.type = siBuffer;
if (SECITEM_CopyItem(arena, &chain->certs[i], &derCert) != SECSuccess) {
CERT_DestroyCertificate(cCert);
/* loser: will release stanChain[i]; don't release it here too. */
goto loser;
}
stanCert = stanChain[++i];
@@ -1106,7 +1105,9 @@ CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
nss_ZFreeIf(stanChain);
return chain;
loser:
i = 0;
/* Release only the chain entries not already released by the copy
* loop above; entries 0..i-1 have already had their BuildChain
* reference dropped, so start at i to avoid an over-release. */
stanCert = stanChain[i];
while (stanCert) {
CERTCertificate *cCert = STAN_GetCERTCertificate(stanCert);