Update NSS to 3.36.4-RTM

author: JustOff <Off.Just.Off@gmail.com> 2018-06-09 15:11:22 +0300
committer: JustOff <Off.Just.Off@gmail.com> 2018-06-11 16:42:50 +0300
commit: f83f62e1bff0c2aedc32e67fe369ba923c5b104a (patch)
tree: fbb69e76754552dde5c3c5d4fe928ed9693f601a /security/nss/cmd/signtool/sign.c
parent: 75323087aea91719bbb4f766bc6298d0618f0163 (diff)
download: UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.gz
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.lz
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.xz
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.zip
1 files changed, 48 insertions, 10 deletions
diff --git a/security/nss/cmd/signtool/sign.c b/security/nss/cmd/signtool/sign.c
index 6e776069a..6f8e43946 100644
--- a/security/nss/cmd/signtool/sign.c
+++ b/security/nss/cmd/signtool/sign.c
@@ -43,6 +43,7 @@ SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
     int status;
     char tempfn[FNSIZE], fullfn[FNSIZE];
     int keyType = rsaKey;
+    int count;
 
     metafile = meta_file;
     optimize = _optimize;
@@ -81,9 +82,18 @@ SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
         }
 
         /* rsa/dsa to zip */
-        sprintf(tempfn, "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa"
-                                                                   : "rsa"));
-        sprintf(fullfn, "%s/%s", tree, tempfn);
+        count = snprintf(tempfn, sizeof(tempfn), "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa" : "rsa"));
+        if (count >= sizeof(tempfn)) {
+            PR_fprintf(errorFD, "unable to write key metadata\n");
+            errorCount++;
+            exit(ERRX);
+        }
+        count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
+        if (count >= sizeof(fullfn)) {
+            PR_fprintf(errorFD, "unable to write key metadata\n");
+            errorCount++;
+            exit(ERRX);
+        }
         JzipAdd(fullfn, tempfn, zipfile, compression_level);
 
         /* Loop through all files & subdirectories, add to archive */
@@ -93,20 +103,44 @@ SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
     }
     /* mf to zip */
     strcpy(tempfn, "META-INF/manifest.mf");
-    sprintf(fullfn, "%s/%s", tree, tempfn);
+    count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
+    if (count >= sizeof(fullfn)) {
+        PR_fprintf(errorFD, "unable to write manifest\n");
+        errorCount++;
+        exit(ERRX);
+    }
     JzipAdd(fullfn, tempfn, zipfile, compression_level);
 
     /* sf to zip */
-    sprintf(tempfn, "META-INF/%s.sf", base);
-    sprintf(fullfn, "%s/%s", tree, tempfn);
+    count = snprintf(tempfn, sizeof(tempfn), "META-INF/%s.sf", base);
+    if (count >= sizeof(tempfn)) {
+        PR_fprintf(errorFD, "unable to write sf metadata\n");
+        errorCount++;
+        exit(ERRX);
+    }
+    count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
+    if (count >= sizeof(fullfn)) {
+        PR_fprintf(errorFD, "unable to write sf metadata\n");
+        errorCount++;
+        exit(ERRX);
+    }
     JzipAdd(fullfn, tempfn, zipfile, compression_level);
 
     /* Add the rsa/dsa file to the zip archive normally */
     if (!xpi_arc) {
         /* rsa/dsa to zip */
-        sprintf(tempfn, "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa"
-                                                                   : "rsa"));
-        sprintf(fullfn, "%s/%s", tree, tempfn);
+        count = snprintf(tempfn, sizeof(tempfn), "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa" : "rsa"));
+        if (count >= sizeof(tempfn)) {
+            PR_fprintf(errorFD, "unable to write key metadata\n");
+            errorCount++;
+            exit(ERRX);
+        }
+        count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
+        if (count >= sizeof(fullfn)) {
+            PR_fprintf(errorFD, "unable to write key metadata\n");
+            errorCount++;
+            exit(ERRX);
+        }
         JzipAdd(fullfn, tempfn, zipfile, compression_level);
     }
 
@@ -408,6 +442,7 @@ static int
 manifesto_xpi_fn(char *relpath, char *basedir, char *reldir, char *filename, void *arg)
 {
     char fullname[FNSIZE];
+    int count;
 
     if (verbosity >= 0) {
         PR_fprintf(outputFD, "--> %s\n", relpath);
@@ -421,7 +456,10 @@ manifesto_xpi_fn(char *relpath, char *basedir, char *reldir, char *filename, voi
         if (!PL_HashTableLookup(extensions, ext))
             return 0;
     }
-    sprintf(fullname, "%s/%s", basedir, relpath);
+    count = snprintf(fullname, sizeof(fullname), "%s/%s", basedir, relpath);
+    if (count >= sizeof(fullname)) {
+        return 1;
+    }
     JzipAdd(fullname, relpath, zipfile, compression_level);
 
     return 0;
author	JustOff <Off.Just.Off@gmail.com>	2018-06-09 15:11:22 +0300
committer	JustOff <Off.Just.Off@gmail.com>	2018-06-11 16:42:50 +0300
commit	f83f62e1bff0c2aedc32e67fe369ba923c5b104a (patch)
tree	fbb69e76754552dde5c3c5d4fe928ed9693f601a /security/nss/cmd/signtool/sign.c
parent	75323087aea91719bbb4f766bc6298d0618f0163 (diff)
download	UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.gz UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.lz UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.xz UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.zip