[poppler] poppler/SignatureHandler.cc
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Mon Jan 9 21:51:05 UTC 2023
poppler/SignatureHandler.cc | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
New commits:
commit 4f8c8297d7190480500cdafe52c8777202229b30
Author: Tobias Deiminger <tobias.deiminger at posteo.de>
Date: Mon Jan 9 21:00:06 2023 +0100
Fix segfault on wrong nssdir
If SignatureHandler was used with a custom DB directory, but that
directory didn't exist or contained no valid DB, NSS crashed on
subsequent calls.
We can prevent crashes by calling NSS_NoDB_Init (as it's already done in
the default-DB case).
Fixes #1331.
diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc
index e0579cae..f9dd6c2f 100644
--- a/poppler/SignatureHandler.cc
+++ b/poppler/SignatureHandler.cc
@@ -769,15 +769,15 @@ void SignatureHandler::setNSSDir(const GooString &nssDir)
homeNssDb.append("/.pki/nssdb");
initSuccess = (NSS_Init(homeNssDb.c_str()) == SECSuccess);
sNssDir = homeNssDb.toStr();
- if (!initSuccess) {
- NSS_NoDB_Init(nullptr);
- }
}
}
if (initSuccess) {
// Make sure NSS root certificates module is loaded
SECMOD_AddNewModule("Root Certs", "libnssckbi.so", 0, 0);
+ } else {
+ fprintf(stderr, "NSS_Init failed: %s\n", PR_ErrorToString(PORT_GetError(), PR_LANGUAGE_I_DEFAULT));
+ NSS_NoDB_Init(nullptr);
}
}
More information about the poppler
mailing list