corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1169890 - Check return values for CryptoBuffer.Assign() calls r=rbarnes

Browse Source
This commit is contained in:
Tim Taubert
2015-05-30 08:28:45 +02:00
parent 4f2fdf513c
commit 6f5a605095
3 changed files with 61 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
dom/crypto/CryptoKey.cpp
View File

@@ -550,7 +550,9 @@ CryptoKey::PrivateKeyToPkcs8(SECKEYPrivateKey* aPrivKey,
if (!pkcs8Item.get()) { if (!pkcs8Item.get()) {
return NS_ERROR_DOM_INVALID_ACCESS_ERR; return NS_ERROR_DOM_INVALID_ACCESS_ERR;
} }
aRetVal.Assign(pkcs8Item.get()); if (!aRetVal.Assign(pkcs8Item.get())) {
return NS_ERROR_DOM_OPERATION_ERR;
}
return NS_OK; return NS_OK;
} }
@@ -647,7 +649,9 @@ CryptoKey::PublicKeyToSpki(SECKEYPublicKey* aPubKey,
const SEC_ASN1Template* tpl = SEC_ASN1_GET(CERT_SubjectPublicKeyInfoTemplate); const SEC_ASN1Template* tpl = SEC_ASN1_GET(CERT_SubjectPublicKeyInfoTemplate);
ScopedSECItem spkiItem(SEC_ASN1EncodeItem(nullptr, nullptr, spki, tpl)); ScopedSECItem spkiItem(SEC_ASN1EncodeItem(nullptr, nullptr, spki, tpl));
aRetVal.Assign(spkiItem.get()); if (!aRetVal.Assign(spkiItem.get())) {
return NS_ERROR_DOM_OPERATION_ERR;
}
return NS_OK; return NS_OK;
} }
@@ -1125,7 +1129,9 @@ CryptoKey::PublicDhKeyToRaw(SECKEYPublicKey* aPubKey,
CryptoBuffer& aRetVal, CryptoBuffer& aRetVal,
const nsNSSShutDownPreventionLock& /*proofOfLock*/) const nsNSSShutDownPreventionLock& /*proofOfLock*/)
{ {
aRetVal.Assign(&aPubKey->u.dh.publicValue); if (!aRetVal.Assign(&aPubKey->u.dh.publicValue)) {
return NS_ERROR_DOM_OPERATION_ERR;
}
return NS_OK; return NS_OK;
} }

18
dom/crypto/KeyAlgorithmProxy.h
View File

@@ -109,7 +109,7 @@ struct KeyAlgorithmProxy
mHmac.mHash.mName = aHashName; mHmac.mHash.mName = aHashName;
} }
void bool
MakeRsa(const nsString& aName, uint32_t aModulusLength, MakeRsa(const nsString& aName, uint32_t aModulusLength,
const CryptoBuffer& aPublicExponent, const nsString& aHashName) const CryptoBuffer& aPublicExponent, const nsString& aHashName)
{ {
@@ -118,7 +118,10 @@ struct KeyAlgorithmProxy
mRsa.mName = aName; mRsa.mName = aName;
mRsa.mModulusLength = aModulusLength; mRsa.mModulusLength = aModulusLength;
mRsa.mHash.mName = aHashName; mRsa.mHash.mName = aHashName;
mRsa.mPublicExponent.Assign(aPublicExponent); if (!mRsa.mPublicExponent.Assign(aPublicExponent)) {
return false;
}
return true;
} }
void void
@@ -130,15 +133,20 @@ struct KeyAlgorithmProxy
mEc.mNamedCurve = aNamedCurve; mEc.mNamedCurve = aNamedCurve;
} }
void bool
MakeDh(const nsString& aName, const CryptoBuffer& aPrime, MakeDh(const nsString& aName, const CryptoBuffer& aPrime,
const CryptoBuffer& aGenerator) const CryptoBuffer& aGenerator)
{ {
mType = DH; mType = DH;
mName = aName; mName = aName;
mDh.mName = aName; mDh.mName = aName;
mDh.mPrime.Assign(aPrime); if (!mDh.mPrime.Assign(aPrime)) {
mDh.mGenerator.Assign(aGenerator); return false;
}
if (!mDh.mGenerator.Assign(aGenerator)) {
return false;
}
return true;
} }
}; };

46
dom/crypto/WebCryptoTask.cpp
View File

@@ -1603,7 +1603,9 @@ private:
// Extract relevant information from the public key // Extract relevant information from the public key
mModulusLength = 8 * pubKey->u.rsa.modulus.len; mModulusLength = 8 * pubKey->u.rsa.modulus.len;
mPublicExponent.Assign(&pubKey->u.rsa.publicExponent); if (!mPublicExponent.Assign(&pubKey->u.rsa.publicExponent)) {
return NS_ERROR_DOM_OPERATION_ERR;
}
return NS_OK; return NS_OK;
} }
@@ -1628,8 +1630,10 @@ private:
} }
// Set an appropriate KeyAlgorithm // Set an appropriate KeyAlgorithm
mKey->Algorithm().MakeRsa(mAlgName, mModulusLength, if (!mKey->Algorithm().MakeRsa(mAlgName, mModulusLength,
mPublicExponent, mHashName); mPublicExponent, mHashName)) {
return NS_ERROR_DOM_OPERATION_ERR;
}
if (mDataIsJwk && !JwkCompatible(mJwk, mKey)) { if (mDataIsJwk && !JwkCompatible(mJwk, mKey)) {
return NS_ERROR_DOM_DATA_ERR; return NS_ERROR_DOM_DATA_ERR;
@@ -1879,7 +1883,9 @@ private:
return NS_ERROR_DOM_DATA_ERR; return NS_ERROR_DOM_DATA_ERR;
} }
mKey->Algorithm().MakeDh(mAlgName, mPrime, mGenerator); if (!mKey->Algorithm().MakeDh(mAlgName, mPrime, mGenerator)) {
return NS_ERROR_DOM_OPERATION_ERR;
}
return NS_OK; return NS_OK;
} }
}; };
@@ -2211,14 +2217,20 @@ public:
} }
// Create algorithm // Create algorithm
mKeyPair.mPublicKey.get()->Algorithm().MakeRsa(algName, if (!mKeyPair.mPublicKey.get()->Algorithm().MakeRsa(algName,
modulusLength, modulusLength,
publicExponent, publicExponent,
hashName); hashName)) {
mKeyPair.mPrivateKey.get()->Algorithm().MakeRsa(algName, mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
return;
}
if (!mKeyPair.mPrivateKey.get()->Algorithm().MakeRsa(algName,
modulusLength, modulusLength,
publicExponent, publicExponent,
hashName); hashName)) {
mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
return;
}
mMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; mMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
// Set up params struct // Set up params struct
@@ -2268,8 +2280,18 @@ public:
} }
// Create algorithm. // Create algorithm.
mKeyPair.mPublicKey.get()->Algorithm().MakeDh(algName, prime, generator); if (!mKeyPair.mPublicKey.get()->Algorithm().MakeDh(algName,
mKeyPair.mPrivateKey.get()->Algorithm().MakeDh(algName, prime, generator); prime,
generator)) {
mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
return;
}
if (!mKeyPair.mPrivateKey.get()->Algorithm().MakeDh(algName,
prime,
generator)) {
mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
return;
}
mMechanism = CKM_DH_PKCS_KEY_PAIR_GEN; mMechanism = CKM_DH_PKCS_KEY_PAIR_GEN;
} else { } else {
mEarlyRv = NS_ERROR_DOM_NOT_SUPPORTED_ERR; mEarlyRv = NS_ERROR_DOM_NOT_SUPPORTED_ERR;
@@ -2789,7 +2811,9 @@ private:
} }
NS_ConvertUTF16toUTF8 utf8(json); NS_ConvertUTF16toUTF8 utf8(json);
mResult.Assign((const uint8_t*) utf8.BeginReading(), utf8.Length()); if (!mResult.Assign((const uint8_t*) utf8.BeginReading(), utf8.Length())) {
return NS_ERROR_DOM_OPERATION_ERR;
}
} }
return NS_OK; return NS_OK;