Bug 533529. Detect it if someone calls GetNextToken when we're not initialized and bail out. r=bzbarsky
authorJim Mathies <jmathies@mozilla.com>
Mon, 14 Dec 2009 22:05:19 -0800
changeset 36196 43576fd67e3aafd4f070db93b5ecfa9aad719def
parent 36195 e1b45a04f4801751dd38113b9e585adceddc8ca0
child 36197 e67094febf72bdc112ddb945d6be5369546bcba7
push idunknown
push userunknown
push dateunknown
reviewersbzbarsky
bugs533529
milestone1.9.3a1pre
Bug 533529. Detect it if someone calls GetNextToken when we're not initialized and bail out. r=bzbarsky
extensions/auth/nsAuthSSPI.cpp
--- a/extensions/auth/nsAuthSSPI.cpp
+++ b/extensions/auth/nsAuthSSPI.cpp
@@ -310,16 +310,21 @@ nsAuthSSPI::GetNextToken(const void *inT
 
     DWORD ctxAttr, ctxReq = 0;
     CtxtHandle *ctxIn;
     SecBufferDesc ibd, obd;
     SecBuffer ib, ob;
 
     LOG(("entering nsAuthSSPI::GetNextToken()\n"));
 
+    if (!mCtxt.dwLower && !mCtxt.dwUpper) {
+        LOG(("nsAuthSSPI::GetNextToken(), not initialized. exiting."));
+        return NS_ERROR_NOT_INITIALIZED;
+    }
+
     if (mServiceFlags & REQ_DELEGATE)
         ctxReq |= ISC_REQ_DELEGATE;
     if (mServiceFlags & REQ_MUTUAL_AUTH)
         ctxReq |= ISC_REQ_MUTUAL_AUTH;
 
     if (inToken) {
         ib.BufferType = SECBUFFER_TOKEN;
         ib.cbBuffer = inTokenLen;