Fix bugzilla bug 261496. Absent OPTIONAL CHOICEs should not cause fatal NSS_3_9_BRANCH NSS_3_9_3_BETA3
authornelsonb%netscape.com
Mon, 27 Sep 2004 22:07:10 +0000
branchNSS_3_9_BRANCH
changeset 5356 2ad7feecf3f52585f137d57b766c7d5e3a9aaf7b
parent 5354 f3b3d3573b7a373a1a4b0d063af9f83f2ca1a255
child 5368 93d2c82721540427a2a12394d44a7c1e56bad2b2
child 5375 c47cc2cdd5a2afc1bb53d43e72cfbb090e59a6d0
push idunknown
push userunknown
push dateunknown
bugs261496
Fix bugzilla bug 261496. Absent OPTIONAL CHOICEs should not cause fatal errors. Fix printing code to not crash on missing optional nextUpdate. r=julien.pierre
security/nss/cmd/lib/secutil.c
security/nss/lib/util/quickder.c
--- a/security/nss/cmd/lib/secutil.c
+++ b/security/nss/cmd/lib/secutil.c
@@ -2101,17 +2101,18 @@ SECU_PrintCRLInfo(FILE *out, CERTCrl *cr
     /* version is optional */
     iv = crl->version.len ? DER_GetInteger(&crl->version) : 0;  
     SECU_Indent(out, level+1); 
     	fprintf(out, "%s: %d (0x%x)\n", "Version", iv + 1, iv);
     SECU_PrintAlgorithmID(out, &(crl->signatureAlg), "Signature Algorithm",
 			  level + 1);
     SECU_PrintName(out, &(crl->name), "Issuer", level + 1);
     SECU_PrintTimeChoice(out, &(crl->lastUpdate), "This Update", level + 1);
-    SECU_PrintTimeChoice(out, &(crl->nextUpdate), "Next Update", level + 1);
+    if (crl->nextUpdate.data && crl->nextUpdate.len) /* is optional */
+	SECU_PrintTimeChoice(out, &(crl->nextUpdate), "Next Update", level + 1);
     
     if (crl->entries != NULL) {
 	iv = 0;
 	while ((entry = crl->entries[iv++]) != NULL) {
 	    sprintf(om, "Entry (%x):\n", iv); 
 	    SECU_Indent(out, level + 1); fprintf(out, om);
 	    SECU_PrintInteger(out, &(entry->serialNumber), "Serial Number",
 			      level + 2);
--- a/security/nss/lib/util/quickder.c
+++ b/security/nss/lib/util/quickder.c
@@ -208,18 +208,19 @@ static SECStatus MatchComponentType(cons
         {
             if ( (SECSuccess == MatchComponentType(choiceEntry, item, match,
                                 (void*)((char*)dest + choiceEntry->offset))) &&
                  (PR_TRUE == *match) )
             {
                 return SECSuccess;
             }
         }
-        PORT_SetError(SEC_ERROR_BAD_DER);
-        return SECFailure;
+	/* no match, caller must decide if this is BAD DER, or not. */
+        *match = PR_FALSE;
+        return SECSuccess;
     }
 
     if (kind & SEC_ASN1_ANY)
     {
         /* SEC_ASN1_ANY always matches */
         *match = PR_TRUE;
         return SECSuccess;
     }