diff options
Diffstat (limited to 'security/nss/lib/certdb/alg1485.c')
| -rw-r--r-- | security/nss/lib/certdb/alg1485.c | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/security/nss/lib/certdb/alg1485.c b/security/nss/lib/certdb/alg1485.c index b6736c462..38b2fe4b5 100644 --- a/security/nss/lib/certdb/alg1485.c +++ b/security/nss/lib/certdb/alg1485.c @@ -341,13 +341,16 @@ hexToBin(PLArenaPool* pool, SECItem* destItem, const char* src, int len) goto loser; } len >>= 1; - if (!SECITEM_AllocItem(pool, destItem, len)) + if (!SECITEM_AllocItem(pool, destItem, len)) { goto loser; + } dest = destItem->data; for (; len > 0; len--, src += 2) { - PRInt16 bin = (x2b[(PRUint8)src[0]] << 4) | x2b[(PRUint8)src[1]]; - if (bin < 0) + PRUint16 bin = ((PRUint16)x2b[(PRUint8)src[0]] << 4); + bin |= (PRUint16)x2b[(PRUint8)src[1]]; + if (bin >> 15) { /* is negative */ goto loser; + } *dest++ = (PRUint8)bin; } return SECSuccess; @@ -372,6 +375,7 @@ ParseRFC1485AVA(PLArenaPool* arena, const char** pbp, const char* endptr) const char* bp; int vt = -1; int valLen; + PRBool isDottedOid = PR_FALSE; SECOidTag kind = SEC_OID_UNKNOWN; SECStatus rv = SECFailure; SECItem derOid = { 0, NULL, 0 }; @@ -398,8 +402,9 @@ ParseRFC1485AVA(PLArenaPool* arena, const char** pbp, const char* endptr) } /* is this a dotted decimal OID attribute type ? */ - if (!PL_strncasecmp("oid.", tagBuf, 4)) { + if (!PL_strncasecmp("oid.", tagBuf, 4) || isdigit(tagBuf[0])) { rv = SEC_StringToOID(arena, &derOid, tagBuf, strlen(tagBuf)); + isDottedOid = (PRBool)(rv == SECSuccess); } else { for (n2k = name2kinds; n2k->name; n2k++) { SECOidData* oidrec; @@ -425,8 +430,6 @@ ParseRFC1485AVA(PLArenaPool* arena, const char** pbp, const char* endptr) goto loser; a = CERT_CreateAVAFromRaw(arena, &derOid, &derVal); } else { - if (kind == SEC_OID_UNKNOWN) - goto loser; if (kind == SEC_OID_AVA_COUNTRY_NAME && valLen != 2) goto loser; if (vt == SEC_ASN1_PRINTABLE_STRING && @@ -442,7 +445,11 @@ ParseRFC1485AVA(PLArenaPool* arena, const char** pbp, const char* endptr) derVal.data = (unsigned char*)valBuf; derVal.len = valLen; - a = CERT_CreateAVAFromSECItem(arena, kind, vt, &derVal); + if (kind == SEC_OID_UNKNOWN && isDottedOid) { + a = CERT_CreateAVAFromRaw(arena, &derOid, &derVal); + } else { + a = CERT_CreateAVAFromSECItem(arena, kind, vt, &derVal); + } } return a; |