Bug 1061725 - Fix CERT_DecodeTrustString() to call PORT_SetError() if trust string is invalid. r=emaldona NSS_3_18_BETA7
authorCykesiopka <cykesiopka.bmo@gmail.com>
Thu, 26 Feb 2015 00:24:37 +0100
changeset 11379 483fbe78c2b2707a53185e63ab37d72af4883aa5
parent 11378 ae29899e361930feb51e858d4e3f4b82b06751b1
child 11380 484e72583add151908d4e34ff9b2f811df719f54
push id581
push userkaie@kuix.de
push dateWed, 25 Feb 2015 23:24:58 +0000
reviewersemaldona
bugs1061725
Bug 1061725 - Fix CERT_DecodeTrustString() to call PORT_SetError() if trust string is invalid. r=emaldona
lib/certdb/certdb.c
--- a/lib/certdb/certdb.c
+++ b/lib/certdb/certdb.c
@@ -2311,31 +2311,31 @@ CERT_FixupEmailAddr(const char *emailAdd
 /*
  * NOTE - don't allow encode of govt-approved or invisible bits
  */
 SECStatus
 CERT_DecodeTrustString(CERTCertTrust *trust, const char *trusts)
 {
     unsigned int i;
     unsigned int *pflags;
-    
+
     if (!trust) {
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return SECFailure;
     }
     trust->sslFlags = 0;
     trust->emailFlags = 0;
     trust->objectSigningFlags = 0;
     if (!trusts) {
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return SECFailure;
     }
 
     pflags = &trust->sslFlags;
-    
+
     for (i=0; i < PORT_Strlen(trusts); i++) {
 	switch (trusts[i]) {
 	  case 'p':
 	      *pflags = *pflags | CERTDB_TERMINAL_RECORD;
 	      break;
 
 	  case 'P':
 	      *pflags = *pflags | CERTDB_TRUSTED | CERTDB_TERMINAL_RECORD;
@@ -2371,16 +2371,17 @@ CERT_DecodeTrustString(CERTCertTrust *tr
 	  case ',':
 	      if ( pflags == &trust->sslFlags ) {
 		  pflags = &trust->emailFlags;
 	      } else {
 		  pflags = &trust->objectSigningFlags;
 	      }
 	      break;
 	  default:
+              PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	      return SECFailure;
 	}
     }
 
     return SECSuccess;
 }
 
 static void