[Libreoffice-commits] core.git: Branch 'aoo/trunk' - xmlsecurity/source
Damjan Jovanovic
damjan at apache.org
Wed Feb 3 02:08:22 UTC 2016
xmlsecurity/source/xmlsec/nss/nssinitializer.cxx | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
New commits:
commit 51e9a26e702cdbdeb864844b5092d7f24ba28141
Author: Damjan Jovanovic <damjan at apache.org>
Date: Wed Feb 3 01:38:46 2016 +0000
AOO crashes when PR_GetErrorText() in xmlsecurity is called with a null
pointer, as that function actually expects a PR_GetErrorTextLength() + 1
sized buffer. Use it correctly.
Patch by: me
diff --git a/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx b/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx
index f973e79..93d6286 100644
--- a/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx
+++ b/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx
@@ -265,11 +265,13 @@ bool nsscrypto_initialize( const css::uno::Reference< css::lang::XMultiServiceFa
if( NSS_InitReadWrite( sCertDir.getStr() ) != SECSuccess )
{
xmlsec_trace("Initializing NSS with profile failed.");
- char * error = NULL;
-
+ PRInt32 errorLength = PR_GetErrorTextLength();
+ char *error = new char[errorLength + 1];
+ error[0] = '\0'; // as per https://bugzilla.mozilla.org/show_bug.cgi?id=538940
PR_GetErrorText(error);
- if (error)
+ if (error[0])
xmlsec_trace("%s",error);
+ delete[] error;
return false ;
}
}
@@ -279,10 +281,13 @@ bool nsscrypto_initialize( const css::uno::Reference< css::lang::XMultiServiceFa
if ( NSS_NoDB_Init(NULL) != SECSuccess )
{
xmlsec_trace("Initializing NSS without profile failed.");
- char * error = NULL;
+ PRInt32 errorLength = PR_GetErrorTextLength();
+ char *error = new char[errorLength + 1];
+ error[0] = '\0';
PR_GetErrorText(error);
- if (error)
+ if (error[0])
xmlsec_trace("%s",error);
+ delete[] error;
return false ;
}
}
More information about the Libreoffice-commits
mailing list