diff options
author | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-01-09 21:39:28 +0100 |
---|---|---|
committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-01-11 13:45:47 +0100 |
commit | d0256e1afc1ba721e98f377d8925e7b7282f5a99 (patch) | |
tree | b64c13a9f169493e4d9e7f29ec15d2b5689dc267 | |
parent | 19939f17f015f2155894f8e4c5e4ec9b8acc3ddc (diff) | |
download | uxp-d0256e1afc1ba721e98f377d8925e7b7282f5a99.tar.gz |
Be more consistent about decoding IP addresses in PSM.
-rw-r--r-- | security/manager/ssl/TransportSecurityInfo.cpp | 5 | ||||
-rw-r--r-- | security/manager/ssl/nsNSSCertHelper.cpp | 4 |
2 files changed, 7 insertions, 2 deletions
diff --git a/security/manager/ssl/TransportSecurityInfo.cpp b/security/manager/ssl/TransportSecurityInfo.cpp index 3c7023302b..3f4bf4a904 100644 --- a/security/manager/ssl/TransportSecurityInfo.cpp +++ b/security/manager/ssl/TransportSecurityInfo.cpp @@ -8,6 +8,7 @@ #include "PSMRunnable.h" #include "mozilla/Casting.h" +#include "mozilla/net/DNS.h" #include "nsComponentManagerUtils.h" #include "nsIArray.h" #include "nsICertOverrideService.h" @@ -681,8 +682,10 @@ GetSubjectAltNames(CERTCertificate* nssCert, nsString& allNames) case certIPAddress: { - char buf[INET6_ADDRSTRLEN]; + // According to DNS.h, this includes space for the null-terminator + char buf[net::kNetAddrMaxCStrBufSize] = {0}; PRNetAddr addr; + memset(&addr, 0, sizeof(addr)); if (current->name.other.len == 4) { addr.inet.family = PR_AF_INET; memcpy(&addr.inet.ip, current->name.other.data, current->name.other.len); diff --git a/security/manager/ssl/nsNSSCertHelper.cpp b/security/manager/ssl/nsNSSCertHelper.cpp index 64c87ad2f9..efcb8747a3 100644 --- a/security/manager/ssl/nsNSSCertHelper.cpp +++ b/security/manager/ssl/nsNSSCertHelper.cpp @@ -11,6 +11,7 @@ #include "mozilla/NotNull.h" #include "mozilla/Sprintf.h" #include "mozilla/UniquePtr.h" +#include "mozilla/net/DNS.h" #include "nsCOMPtr.h" #include "nsComponentManagerUtils.h" #include "nsDateTimeFormatCID.h" @@ -1006,8 +1007,9 @@ ProcessGeneralName(const UniquePLArenaPool& arena, CERTGeneralName* current, break; case certIPAddress: { - char buf[INET6_ADDRSTRLEN]; PRStatus status = PR_FAILURE; + // According to DNS.h, this includes space for the null-terminator + char buf[net::kNetAddrMaxCStrBufSize] = {0}; PRNetAddr addr; memset(&addr, 0, sizeof(addr)); nssComponent->GetPIPNSSBundleString("CertDumpIPAddress", key); |