vcl/source/gdi/pdfwriter_impl.cxx | 25 ++++++++++++-------------
1 file changed, 12 insertions(+), 13 deletions(-)
New commits:
commit 6bcbcb21faed17e529591f29aa0e492600f49ec3
Author: Tor Lillqvist <t...@collabora.com>
Date: Thu Mar 12 00:31:18 2015 +0200
Fix crash when timestamping PDF signature
Using the NSS API for CMS and ASN.1-based stuff in general correctly is
extremely hard. It is very easy to do things slightly wrong. Of course no
compiler warnings are produced. You just get code that happens to work by
accident when compiled with one compiler, but not another, or depending on
contents of uninitialised memory, or the phase of the moon.
The problem was that the "values" field of a NSSCMSAttribute struct
apparently
is supposed to point to *two* SECItem pointers, one pointing to the actual
value, and a NULL one.
Anyway, now valgrind finally does not complain about any use of
uninitialised
memory.
Most likely my earlier recent commits to this file were not necessary after
all. They just seemed to help by accident, at least at one stage. But
whatever...
Change-Id: Ic98401b5d151bbb2398f809f47699f670e9720fa
diff --git a/vcl/source/gdi/pdfwriter_impl.cxx
b/vcl/source/gdi/pdfwriter_impl.cxx
index f815d99..296a76a 100644
--- a/vcl/source/gdi/pdfwriter_impl.cxx
+++ b/vcl/source/gdi/pdfwriter_impl.cxx
@@ -6857,7 +6857,9 @@ bool PDFWriterImpl::finalizeSignature()
SECItem response_item;
NSSCMSAttribute timestamp;
SECItem values[2];
- SECItem *valuesp = values;
+ SECItem *valuesp[2];
+ valuesp[0] = values;
+ valuesp[1] = NULL;
SECOidData typetag;
if( !m_aContext.SignTSA.isEmpty() )
@@ -7114,12 +7116,15 @@ bool PDFWriterImpl::finalizeSignature()
// timestamp.type filled in below
+ // Not sure if we actually need two entries in the values array, now
when valuesp is an
+ // array too, the pointer to the values array followed by a null
pointer. But I don't feel
+ // like experimenting.
values[0] = response.timeStampToken;
values[1].type = siBuffer;
values[1].data = NULL;
values[1].len = 0;
- timestamp.values = &valuesp;
+ timestamp.values = valuesp;
typetag.oid.data = NULL;
// id-aa-timeStampToken OBJECT IDENTIFIER ::= { iso(1)
commit a7d335746e6ab6807b39719d9cf15335e67082f9
Author: Tor Lillqvist <t...@collabora.com>
Date: Wed Mar 11 22:31:47 2015 +0200
Don't bother with macros that are dummy on Unix in Unix-only code
In NSS's <secasn1t.h>, for non-Windows:
#define SEC_ASN1_SUB(x) x
#define SEC_ASN1_XTRN 0
#define SEC_ASN1_MKSUB(x)
Change-Id: Ie42d881cebffdd060309d6a15d8d9c319c260699
diff --git a/vcl/source/gdi/pdfwriter_impl.cxx
b/vcl/source/gdi/pdfwriter_impl.cxx
index 8fb4f36..f815d99 100644
--- a/vcl/source/gdi/pdfwriter_impl.cxx
+++ b/vcl/source/gdi/pdfwriter_impl.cxx
@@ -6262,16 +6262,10 @@ TimeStampResp ::= SEQUENCE {
timeStampToken TimeStampToken OPTIONAL }
*/
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(MessageImprint_Template)
-SEC_ASN1_MKSUB(Extensions_Template)
-SEC_ASN1_MKSUB(PKIStatusInfo_Template)
-SEC_ASN1_MKSUB(Any_Template)
-
const SEC_ASN1Template MessageImprint_Template[] =
{
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(MessageImprint) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(MessageImprint,
hashAlgorithm), SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate), 0 },
+ { SEC_ASN1_INLINE, offsetof(MessageImprint, hashAlgorithm),
SECOID_AlgorithmIDTemplate, 0 },
{ SEC_ASN1_OCTET_STRING, offsetof(MessageImprint, hashedMessage), 0, 0 },
{ 0, 0, 0, 0 }
};
@@ -6294,11 +6288,11 @@ const SEC_ASN1Template TimeStampReq_Template[] =
{
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(TimeStampReq) },
{ SEC_ASN1_INTEGER, offsetof(TimeStampReq, version), 0, 0 },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(TimeStampReq, messageImprint),
SEC_ASN1_SUB(MessageImprint_Template), 0 },
+ { SEC_ASN1_INLINE, offsetof(TimeStampReq, messageImprint),
MessageImprint_Template, 0 },
{ SEC_ASN1_OBJECT_ID | SEC_ASN1_OPTIONAL, offsetof(TimeStampReq,
reqPolicy), 0, 0 },
{ SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof(TimeStampReq, nonce), 0,
0 },
{ SEC_ASN1_BOOLEAN | SEC_ASN1_OPTIONAL, offsetof(TimeStampReq, certReq),
0, 0 },
- { SEC_ASN1_XTRN | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
offsetof(TimeStampReq, extensions), SEC_ASN1_SUB(Extensions_Template), 0 },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
offsetof(TimeStampReq, extensions), Extensions_Template, 0 },
{ 0, 0, 0, 0 }
};
@@ -6330,8 +6324,8 @@ typedef struct {
const SEC_ASN1Template TimeStampResp_Template[] =
{
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(TimeStampResp) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(TimeStampResp, status),
SEC_ASN1_SUB(PKIStatusInfo_Template), 0 },
- { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL, offsetof(TimeStampResp,
timeStampToken), SEC_ASN1_SUB(Any_Template), 0 },
+ { SEC_ASN1_INLINE, offsetof(TimeStampResp, status),
PKIStatusInfo_Template, 0 },
+ { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL, offsetof(TimeStampResp,
timeStampToken), Any_Template, 0 },
{ 0, 0, 0, 0 }
};
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
