Bug 979070, don't assert in CERT_DecodeOCSPResponse, return a better error code
authorDavid Keeler <dkeeler@mozilla.com>
Fri, 21 Mar 2014 12:59:13 +0100
changeset 11090 269609f72a3aaf0a6718d53278272b35d187be2f
parent 11089 5d5cf486591351c3908dc0ed8cb56460f534b566
child 11091 96512d249e7dc6be83d805974eda6e895ed0450a
push id339
push userkaie@kuix.de
push dateFri, 21 Mar 2014 11:59:19 +0000
bugs979070
Bug 979070, don't assert in CERT_DecodeOCSPResponse, return a better error code
lib/certhigh/ocsp.c
--- a/lib/certhigh/ocsp.c
+++ b/lib/certhigh/ocsp.c
@@ -2572,19 +2572,18 @@ loser:
 
 /*
  * Decode the responseBytes based on the responseType found in "rbytes",
  * leaving the resulting translated/decoded information in there as well.
  */
 static SECStatus
 ocsp_DecodeResponseBytes(PLArenaPool *arena, ocspResponseBytes *rbytes)
 {
-    PORT_Assert(rbytes != NULL);		/* internal error, really */
     if (rbytes == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);	/* XXX set better error? */
+	PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
 	return SECFailure;
     }
 
     rbytes->responseTypeTag = SECOID_FindOIDTag(&rbytes->responseType);
     switch (rbytes->responseTypeTag) {
 	case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
 	    {
 		ocspBasicOCSPResponse *basicResponse;