Check the cert validity only if we actually found a cert.
authorrelyea%netscape.com
Fri, 30 Aug 2002 20:37:58 +0000
changeset 3517 eb65445c39c144a5a962f817bab577e8b66d69f5
parent 3516 fb48b7061f27ed6dfac936b3d96d85d261076e91
child 3519 0ae3c349a90802659fe303e587439f3ab5631b04
push idunknown
push userunknown
push dateunknown
Check the cert validity only if we actually found a cert.
security/nss/lib/pk11wrap/pk11cert.c
--- a/security/nss/lib/pk11wrap/pk11cert.c
+++ b/security/nss/lib/pk11wrap/pk11cert.c
@@ -2110,23 +2110,23 @@ pk11_FindCertObjectByRecipientNew(PK11Sl
 
     for (i=0; (ri = recipientlist[i]) != NULL; i++) {
 	CERTCertificate *cert = NULL;
 	/* XXXXX fixme - not yet implemented! */
 	if (ri->kind == RLSubjKeyID)
 	    continue;
 	cert = PK11_FindCertByIssuerAndSNOnToken(slot, ri->id.issuerAndSN, 
 								pwarg);
-	/* this isn't our cert */
-	if ((cert->trust == NULL) ||
+	if (cert) {
+	    /* this isn't our cert */
+	    if ((cert->trust == NULL) ||
        		((cert->trust->emailFlags & CERTDB_USER) != CERTDB_USER)) {
-	    CERT_DestroyCertificate(cert);
-	    continue;
-	}
-	if (cert) {
+		 CERT_DestroyCertificate(cert);
+		continue;
+	    }
 	    ri->slot = PK11_ReferenceSlot(slot);
 	    *rlIndex = i;
 	    return cert;
 	}
 
     }
     *rlIndex = -1;
     return NULL;
@@ -2183,22 +2183,23 @@ pk11_FindCertObjectByRecipient(PK11SlotI
     SEC_PKCS7RecipientInfo *ri = NULL;
     int i;
 
     for (i=0; (ri = recipientArray[i]) != NULL; i++) {
 	CERTCertificate *cert;
 
 	cert = PK11_FindCertByIssuerAndSNOnToken(slot, ri->issuerAndSN, 
 								pwarg);
-	if ((cert->trust == NULL) ||
+        if (cert) {
+	    /* this isn't our cert */
+	    if ((cert->trust == NULL) ||
        		((cert->trust->emailFlags & CERTDB_USER) != CERTDB_USER)) {
-	    CERT_DestroyCertificate(cert);
-	    continue;
-	}
-        if (cert) {
+		 CERT_DestroyCertificate(cert);
+		continue;
+	    }
 	    *rip = ri;
 	    return cert;
 	}
 
     }
     *rip = NULL;
     return NULL;
 }