Crash in libpkix when requesting ocsp revocation chain on a cert that does not have AIA extension. The crash happened because of two fields of pkix_pl_ocsprequest data type was not initialized before destruction. They are certList and location.
Created attachment 300525 [details] [diff] [review] Init certList and location The patch also fixes some potential leaks in CERT_PKIXVerifyCert function.
Comment on attachment 300525 [details] [diff] [review] Init certList and location r=nelson
/cvsroot/mozilla/security/nss/lib/certhigh/certvfypkix.c,v <-- certvfypkix.c new revision: 1.10; previous revision: 1.9 Checking in lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.c; new revision: 1.7; previous revision: 1.6