certmonger/SOURCES/0021-clang-Garbage-value-possible.patch

From 3727376f8654f9e1dd88b1f9721124f9fc96ad0a Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Mon, 8 Oct 2018 14:44:05 -0400
Subject: [PATCH 21/25] clang: Garbage value possible

Need to add guard so that error was only considered if the
certificate was decodable and an import was attempted.
---
 src/certsave-n.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/certsave-n.c b/src/certsave-n.c
index 972a1dfa..30e242c1 100644
--- a/src/certsave-n.c
+++ b/src/certsave-n.c
@@ -498,6 +498,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 					}
 				}
 				/* Import the certificate. */
+				error = SECFailure;
 				newcert = CERT_DecodeCertFromPackage((char *)item->data, item->len);
 				if (newcert != NULL) {
 					error = PK11_ImportCert(sle->slot,
@@ -506,7 +507,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 						entry->cm_cert_nickname,
 						PR_FALSE);
 				}
-				if (error == SECSuccess) {
+				if ((newcert != NULL) && (error == SECSuccess)) {
 					cm_log(1, "Imported certificate with "
 					       "nickname \"%s\".\n",
 					       entry->cm_cert_nickname);
@@ -581,6 +582,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
 						CERT_DestroyCertList(certlist);
 					}
 				} else {
+					ec = PORT_GetError();
 					if (ec != 0) {
 						es = PR_ErrorToName(ec);
 					} else {
-- 
2.21.0
import certmonger-0.79.7-6.el8 2020-04-23 21:56:58 +00:00			`From 3727376f8654f9e1dd88b1f9721124f9fc96ad0a Mon Sep 17 00:00:00 2001`
			`From: Rob Crittenden <rcritten@redhat.com>`
			`Date: Mon, 8 Oct 2018 14:44:05 -0400`
			`Subject: [PATCH 21/25] clang: Garbage value possible`

			`Need to add guard so that error was only considered if the`
			`certificate was decodable and an import was attempted.`
			`---`
			`src/certsave-n.c \| 4 +++-`
			`1 file changed, 3 insertions(+), 1 deletion(-)`

			`diff --git a/src/certsave-n.c b/src/certsave-n.c`
			`index 972a1dfa..30e242c1 100644`
			`--- a/src/certsave-n.c`
			`+++ b/src/certsave-n.c`
			`@@ -498,6 +498,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca ca, struct cm_store_entry entry,`
			`}`
			`}`
			`/* Import the certificate. */`
			`+ error = SECFailure;`
			`newcert = CERT_DecodeCertFromPackage((char *)item->data, item->len);`
			`if (newcert != NULL) {`
			`error = PK11_ImportCert(sle->slot,`
			`@@ -506,7 +507,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca ca, struct cm_store_entry entry,`
			`entry->cm_cert_nickname,`
			`PR_FALSE);`
			`}`
			`- if (error == SECSuccess) {`
			`+ if ((newcert != NULL) && (error == SECSuccess)) {`
			`cm_log(1, "Imported certificate with "`
			`"nickname \"%s\".\n",`
			`entry->cm_cert_nickname);`
			`@@ -581,6 +582,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca ca, struct cm_store_entry entry,`
			`CERT_DestroyCertList(certlist);`
			`}`
			`} else {`
			`+ ec = PORT_GetError();`
			`if (ec != 0) {`
			`es = PR_ErrorToName(ec);`
			`} else {`
			`--`
			`2.21.0`