Bug 1590495 - Crash in PK11_MakeCertFromHandle->pk11_fastCert. r=jcj
authorMarcus Burghardt <mburghardt@mozilla.com>
Mon, 04 Nov 2019 23:01:14 +0000
changeset 15372 dc9552c2aa7779601bfa232ab0764a9c4ad17535
parent 15371 35857ae98190c590ae00a01cb1a2ed48def3915f
child 15373 0a86945adf746d78954c4a5ac4dfa365debb76c6
push id3565
push userjjones@mozilla.com
push dateMon, 04 Nov 2019 23:01:35 +0000
reviewersjcj
bugs1590495
Bug 1590495 - Crash in PK11_MakeCertFromHandle->pk11_fastCert. r=jcj Fixed controls to avoid crashes caused by slots possibly without a token in pk11_fastCert. Also, improved arguments controls in PK11_MakeCertFromHandle. Differential Revision: https://phabricator.services.mozilla.com/D51406
lib/pk11wrap/pk11cert.c
--- a/lib/pk11wrap/pk11cert.c
+++ b/lib/pk11wrap/pk11cert.c
@@ -240,17 +240,17 @@ pk11_fastCert(PK11SlotInfo *slot, CK_OBJ
     NSSCertificate *c;
     nssCryptokiObject *co = NULL;
     nssPKIObject *pkio;
     NSSToken *token;
     NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
 
     /* Get the cryptoki object from the handle */
     token = PK11Slot_GetNSSToken(slot);
-    if (token->defaultSession) {
+    if (token && token->defaultSession) {
         co = nssCryptokiObject_Create(token, token->defaultSession, certID);
     } else {
         PORT_SetError(SEC_ERROR_NO_TOKEN);
     }
     if (!co) {
         return NULL;
     }
 
@@ -302,19 +302,25 @@ pk11_fastCert(PK11SlotInfo *slot, CK_OBJ
 CERTCertificate *
 PK11_MakeCertFromHandle(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID,
                         CK_ATTRIBUTE *privateLabel)
 {
     char *nickname = NULL;
     CERTCertificate *cert = NULL;
     CERTCertTrust *trust;
 
+    if (slot == NULL || certID == CK_INVALID_HANDLE) {
+        PORT_SetError(SEC_ERROR_INVALID_ARGS);
+        return NULL;
+    }
+
     cert = pk11_fastCert(slot, certID, privateLabel, &nickname);
-    if (cert == NULL)
+    if (cert == NULL) {
         goto loser;
+    }
 
     if (nickname) {
         if (cert->nickname != NULL) {
             cert->dbnickname = cert->nickname;
         }
         cert->nickname = PORT_ArenaStrdup(cert->arena, nickname);
         PORT_Free(nickname);
         nickname = NULL;