From f51bb96e4e07882a149ac6d57e284bd056d661bb Mon Sep 17 00:00:00 2001
From: Dana Keeler <dkeeler@mozilla.com>
Date: Wed, 1 Oct 2025 18:07:36 +0000
Subject: [PATCH] Bug 1987422 - osclientcerts: null-check before wrapping CF
 objects   a=RyanVM DONTBUILD

Original Revision: https://phabricator.services.mozilla.com/D264138

Differential Revision: https://phabricator.services.mozilla.com/D267026
---
 .../ssl/osclientcerts/src/backend_macos.rs       | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/security/manager/ssl/osclientcerts/src/backend_macos.rs b/security/manager/ssl/osclientcerts/src/backend_macos.rs
index 943cfcda4c1d..22933e17e914 100644
--- a/security/manager/ssl/osclientcerts/src/backend_macos.rs
+++ b/security/manager/ssl/osclientcerts/src/backend_macos.rs
@@ -226,6 +226,9 @@ fn sec_key_create_signature(
         )
     };
     if signature.is_null() {
+        if error.is_null() {
+            return Err(error_here!(ErrorType::ExternalError));
+        }
         let error = unsafe { CFError::wrap_under_create_rule(error) };
         return Err(error_here!(
             ErrorType::ExternalError,
@@ -235,8 +238,12 @@ fn sec_key_create_signature(
     Ok(unsafe { CFData::wrap_under_create_rule(signature) })
 }
 
-fn sec_key_copy_attributes<T: TCFType>(key: &SecKey) -> CFDictionary<CFString, T> {
-    unsafe { CFDictionary::wrap_under_create_rule(SecKeyCopyAttributes(key.as_concrete_TypeRef())) }
+fn sec_key_copy_attributes<T: TCFType>(key: &SecKey) -> Result<CFDictionary<CFString, T>, Error> {
+    let attributes = unsafe { SecKeyCopyAttributes(key.as_concrete_TypeRef()) };
+    if attributes.is_null() {
+        return Err(error_here!(ErrorType::ExternalError));
+    }
+    Ok(unsafe { CFDictionary::wrap_under_create_rule(attributes) })
 }
 
 fn sec_key_copy_external_representation(key: &SecKey) -> Result<CFData, Error> {
@@ -244,6 +251,9 @@ fn sec_key_copy_external_representation(key: &SecKey) -> Result<CFData, Error> {
     let representation =
         unsafe { SecKeyCopyExternalRepresentation(key.as_concrete_TypeRef(), &mut error) };
     if representation.is_null() {
+        if error.is_null() {
+            return Err(error_here!(ErrorType::ExternalError));
+        }
         let error = unsafe { CFError::wrap_under_create_rule(error) };
         return Err(error_here!(
             ErrorType::ExternalError,
@@ -814,7 +824,7 @@ impl Sign for Key {
 }
 
 fn get_key_attribute<T: TCFType + Clone>(key: &SecKey, attr: CFStringRef) -> Result<T, Error> {
-    let attributes: CFDictionary<CFString, T> = sec_key_copy_attributes(key);
+    let attributes: CFDictionary<CFString, T> = sec_key_copy_attributes(key)?;
     match attributes.find(attr as *const _) {
         Some(value) => Ok((*value).clone()),
         None => Err(error_here!(ErrorType::ExternalError)),