This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch geckoview-102.3.0esr-12.0-1 in repository tor-browser.
commit c1b716fc8bcdfafaced31df5c918275849878da3 Author: Kai Engert kaie@kuix.de AuthorDate: Mon Jul 18 13:26:10 2022 +0000
Bug 1785788 - Gracefully handle null nickname in CERT_GetCertNicknameWithValidity. r=rrelyea, a=RyanVM UPGRADE_NSS_RELEASE --- security/nss/lib/certhigh/certvfy.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c index a550d087007df..5bf82d9bb989a 100644 --- a/security/nss/lib/certhigh/certvfy.c +++ b/security/nss/lib/certhigh/certvfy.c @@ -1913,15 +1913,19 @@ CERT_GetCertNicknameWithValidity(PLArenaPool *arena, CERTCertificate *cert, { SECCertTimeValidity validity; char *nickname = NULL, *tmpstr = NULL; + const char *srcNickname = cert->nickname; + if (!srcNickname) { + srcNickname = "{???}"; + }
validity = CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE);
/* if the cert is good, then just use the nickname directly */ if (validity == secCertTimeValid) { if (arena == NULL) { - nickname = PORT_Strdup(cert->nickname); + nickname = PORT_Strdup(srcNickname); } else { - nickname = PORT_ArenaStrdup(arena, cert->nickname); + nickname = PORT_ArenaStrdup(arena, srcNickname); }
if (nickname == NULL) { @@ -1933,11 +1937,11 @@ CERT_GetCertNicknameWithValidity(PLArenaPool *arena, CERTCertificate *cert, * end */ if (validity == secCertTimeExpired) { - tmpstr = PR_smprintf("%s%s", cert->nickname, + tmpstr = PR_smprintf("%s%s", srcNickname, expiredString); } else if (validity == secCertTimeNotValidYet) { /* not yet valid */ - tmpstr = PR_smprintf("%s%s", cert->nickname, + tmpstr = PR_smprintf("%s%s", srcNickname, notYetGoodString); } else { /* undetermined */