Closed
Bug 1319039
Opened 8 years ago
Closed 8 years ago
Remove unnecessary checks after ssl3_SignHashes()
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.29
People
(Reporter: ttaubert, Assigned: ttaubert)
Details
We have this ancient pattern at two call sites:
> rv = ssl3_SignHashes(ss, &hashes, certPrivateKey, &signed_hash);
> if (rv != SECSuccess) {
> goto loser; /* ssl3_SignHashes has set err. */
> }
> if (signed_hash.data == NULL) {
> PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
> goto loser;
> }
There is no way that ssl3_SignHashes() returns SECSuccess with signed_hash.data being NULL. This could only happen if PK11_SignWithMechanism() or SGN_Digest() would return SECSuccess and leave it NULL.
We explicitly allocate .data before calling PK11_SignWithMechanism(), so in that branch it would never be null. SGN_Digest() does the same and and I can't see how it would succeed with .data being NULL.
Assignee | ||
Comment 1•8 years ago
|
||
https://nss-review.dev.mozaws.net/D90
Assignee | ||
Comment 2•8 years ago
|
||
https://hg.mozilla.org/projects/nss/rev/54f594ad2b4a
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.29
You need to log in
before you can comment on or make changes to this bug.
Description
•