Bug 1779398 - land NSS 164849c15197 UPGRADE_NSS_RELEASE, r=nss-reviewers,djackson
authorAnna Weine <anna.weine@mozilla.com>
Tue, 19 Jul 2022 12:49:20 +0000
changeset 624360 c241b249b24fa60f4427279a0ab8cfed3ac2ca19
parent 624359 fbb29df4aa9e5138b6c754e0ef21e080e28913e8
child 624361 e41e26ded66e031bffd54533d70f8be5a069fa7a
push id40003
push userctuns@mozilla.com
push dateTue, 19 Jul 2022 21:35:33 +0000
treeherdermozilla-central@5537d628706e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersnss-reviewers, djackson
bugs1779398, 1777672
milestone104.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1779398 - land NSS 164849c15197 UPGRADE_NSS_RELEASE, r=nss-reviewers,djackson 2022-07-18 Kai Engert <kaie@kuix.de> * lib/certhigh/certvfy.c: Bug 1777672 - Gracefully handle null nickname in CERT_GetCertNicknameWithValidity. r=rrelyea [164849c15197] [tip] Differential Revision: https://phabricator.services.mozilla.com/D152169
security/nss/TAG-INFO
security/nss/coreconf/coreconf.dep
security/nss/lib/certhigh/certvfy.c
--- a/security/nss/TAG-INFO
+++ b/security/nss/TAG-INFO
@@ -1,1 +1,1 @@
-cafb891ea6ce
\ No newline at end of file
+164849c15197
\ No newline at end of file
--- a/security/nss/coreconf/coreconf.dep
+++ b/security/nss/coreconf/coreconf.dep
@@ -5,8 +5,9 @@
 
 /*
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSS in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
+
--- a/security/nss/lib/certhigh/certvfy.c
+++ b/security/nss/lib/certhigh/certvfy.c
@@ -1908,41 +1908,45 @@ CERT_FilterCertListByCANames(CERTCertLis
  *      not yet good.
  */
 char *
 CERT_GetCertNicknameWithValidity(PLArenaPool *arena, CERTCertificate *cert,
                                  char *expiredString, char *notYetGoodString)
 {
     SECCertTimeValidity validity;
     char *nickname = NULL, *tmpstr = NULL;
+    const char *srcNickname = cert->nickname;
+    if (!srcNickname) {
+        srcNickname = "{???}";
+    }
 
     validity = CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE);
 
     /* if the cert is good, then just use the nickname directly */
     if (validity == secCertTimeValid) {
         if (arena == NULL) {
-            nickname = PORT_Strdup(cert->nickname);
+            nickname = PORT_Strdup(srcNickname);
         } else {
-            nickname = PORT_ArenaStrdup(arena, cert->nickname);
+            nickname = PORT_ArenaStrdup(arena, srcNickname);
         }
 
         if (nickname == NULL) {
             goto loser;
         }
     } else {
 
         /* if the cert is not valid, then tack one of the strings on the
          * end
          */
         if (validity == secCertTimeExpired) {
-            tmpstr = PR_smprintf("%s%s", cert->nickname,
+            tmpstr = PR_smprintf("%s%s", srcNickname,
                                  expiredString);
         } else if (validity == secCertTimeNotValidYet) {
             /* not yet valid */
-            tmpstr = PR_smprintf("%s%s", cert->nickname,
+            tmpstr = PR_smprintf("%s%s", srcNickname,
                                  notYetGoodString);
         } else {
             /* undetermined */
             tmpstr = PR_smprintf("%s",
                                  "(NULL) (Validity Unknown)");
         }
 
         if (tmpstr == NULL) {