certmonger/SOURCES/0021-clang-Garbage-value-possible.patch
2021-09-09 15:18:09 +00:00

44 lines
1.4 KiB
Diff

From 3727376f8654f9e1dd88b1f9721124f9fc96ad0a Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Mon, 8 Oct 2018 14:44:05 -0400
Subject: [PATCH 21/25] clang: Garbage value possible
Need to add guard so that error was only considered if the
certificate was decodable and an import was attempted.
---
src/certsave-n.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/certsave-n.c b/src/certsave-n.c
index 972a1dfa..30e242c1 100644
--- a/src/certsave-n.c
+++ b/src/certsave-n.c
@@ -498,6 +498,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
}
}
/* Import the certificate. */
+ error = SECFailure;
newcert = CERT_DecodeCertFromPackage((char *)item->data, item->len);
if (newcert != NULL) {
error = PK11_ImportCert(sle->slot,
@@ -506,7 +507,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
entry->cm_cert_nickname,
PR_FALSE);
}
- if (error == SECSuccess) {
+ if ((newcert != NULL) && (error == SECSuccess)) {
cm_log(1, "Imported certificate with "
"nickname \"%s\".\n",
entry->cm_cert_nickname);
@@ -581,6 +582,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
CERT_DestroyCertList(certlist);
}
} else {
+ ec = PORT_GetError();
if (ec != 0) {
es = PR_ErrorToName(ec);
} else {
--
2.21.0