diff options
| author | Tor Lillqvist <tml@collabora.com> | 2015-03-12 00:31:18 +0200 |
|---|---|---|
| committer | Tor Lillqvist <tml@collabora.com> | 2015-03-12 00:46:59 +0200 |
| commit | 33434f47ac44f5cb4612a11b1c28c4582976cb25 (patch) | |
| tree | de34147068dd636d00be39342458756454f92536 | |
| parent | 20e5de21225bfd2b55fcff6afcc235b035b38134 (diff) | |
Fix crash when timestamping PDF signature
Using the NSS API for CMS and ASN.1-based stuff in general correctly is
extremely hard. It is very easy to do things slightly wrong. Of course no
compiler warnings are produced. You just get code that happens to work by
accident when compiled with one compiler, but not another, or depending on
contents of uninitialised memory, or the phase of the moon.
The problem was that the "values" field of a NSSCMSAttribute struct apparently
is supposed to point to *two* SECItem pointers, one pointing to the actual
value, and a NULL one.
Anyway, now valgrind finally does not complain about any use of uninitialised
memory.
Most likely my earlier recent commits to this file were not necessary after
all. They just seemed to help by accident, at least at one stage. But
whatever...
Change-Id: Ic98401b5d151bbb2398f809f47699f670e9720fa
| -rw-r--r-- | vcl/source/gdi/pdfwriter_impl.cxx | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx index bc29a4ea42d4..fc44073b4cb1 100644 --- a/vcl/source/gdi/pdfwriter_impl.cxx +++ b/vcl/source/gdi/pdfwriter_impl.cxx @@ -6893,7 +6893,9 @@ bool PDFWriterImpl::finalizeSignature() SECItem response_item; NSSCMSAttribute timestamp; SECItem values[2]; - SECItem *valuesp = values; + SECItem *valuesp[2]; + valuesp[0] = values; + valuesp[1] = NULL; SECOidData typetag; if( !m_aContext.SignTSA.isEmpty() ) @@ -7149,12 +7151,15 @@ bool PDFWriterImpl::finalizeSignature() // timestamp.type filled in below + // Not sure if we actually need two entries in the values array, now when valuesp is an + // array too, the pointer to the values array followed by a null pointer. But I don't feel + // like experimenting. values[0] = response.timeStampToken; values[1].type = siBuffer; values[1].data = NULL; values[1].len = 0; - timestamp.values = &valuesp; + timestamp.values = valuesp; typetag.oid.data = NULL; // id-aa-timeStampToken OBJECT IDENTIFIER ::= { iso(1) |