Index: net/third_party/nss/ssl/ssl3ext.c |
=================================================================== |
--- net/third_party/nss/ssl/ssl3ext.c (revision 125777) |
+++ net/third_party/nss/ssl/ssl3ext.c (working copy) |
@@ -606,10 +606,7 @@ |
unsigned char resultBuffer[255]; |
SECItem result = { siBuffer, resultBuffer, 0 }; |
- if (ss->firstHsDone) { |
wtc
2012/03/10 00:43:15
ss->firstHsDone cannot be true here. Line 650 bel
|
- PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); |
- return SECFailure; |
- } |
+ PORT_Assert(!ss->firstHsDone); |
rv = ssl3_ValidateNextProtoNego(data->data, data->len); |
if (rv != SECSuccess) |
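Review bot: `PORT_Assert(!ss->firstHsDone)` is compiled out of non-debug builds, so release builds no longer reject this extension once the first handshake is done. The guarantee then rests entirely on the check elsewhere that the inline comment refers to, which is outside this hunk. The callback check further down in this function keeps a runtime test behind its assertion, and the same pattern would fit here: keep the assert and follow it with `if (ss->firstHsDone) { PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); return SECFailure; }`. If the runtime test is dropped on purpose, a comment naming where the invariant is enforced would help later readers. The function body starts and ends outside the hunk.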
@@ -621,6 +618,8 @@ |
*/ |
PORT_Assert(ss->nextProtoCallback != NULL); |
if (!ss->nextProtoCallback) { |
+ /* XXX Use a better error code. This is an application error, not an |
+ * NSS bug. */ |
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); |
return SECFailure; |
} |
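Review bot: The added comment calls a missing callback an application error, but the `PORT_Assert(ss->nextProtoCallback != NULL)` just above it still aborts debug builds for that same condition, which is how an internal NSS invariant would be treated. If an application can really reach this state, the assertion should probably go and only the runtime check remain; otherwise the comment's wording needs adjusting. Until the XXX is resolved, `SEC_ERROR_LIBRARY_FAILURE` gives callers no way to tell a misconfigured application from an internal failure.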
@@ -631,7 +630,7 @@ |
return rv; |
/* If the callback wrote more than allowed to |result| it has corrupted our |
* stack. */ |
- if (result.len > sizeof result) { |
+ if (result.len > sizeof resultBuffer) { |
wtc
2012/03/10 00:43:15
This is the fix for the buffer length bug. We wil
|
PORT_SetError(SEC_ERROR_OUTPUT_LEN); |
return SECFailure; |
} |
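Review bot: The corrected bound `result.len > sizeof resultBuffer` is still checked only after the callback has returned, and it compares the length the callback reports, so it detects an overrun rather than prevents one. By the time it fires the stack buffer has, per the comment above it, already been overwritten, and returning `SECFailure` unwinds through that frame. The enforced bound is presumably the maximum length handed to the callback, which is outside this hunk and should be confirmed to be `sizeof resultBuffer`. A comment here such as `/* Detection only: result.len is callback-reported; the enforced bound is the max length passed to the callback. */` would make that explicit.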