Bug 1270836 - prevent null pointer dereference on |data|. r?emaldona
MozReview-Commit-ID: 45LFxknL9Jy
--- a/security/nss/lib/ssl/sslcert.c
+++ b/security/nss/lib/ssl/sslcert.c
@@ -446,17 +446,18 @@ ssl_ConfigCertByUsage(sslSocket *ss, CER
}
/* Check that we successfully picked an authType */
if (arg.authType == ssl_auth_null) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
/* |data->authType| has to either agree or be ssl_auth_null. */
- if (data->authType != ssl_auth_null && data->authType != arg.authType) {
+ if (data && data->authType != ssl_auth_null &&
+ data->authType != arg.authType) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
return ssl_ConfigCert(ss, cert, keyPair, &arg);
}
/* This function adopts pubKey and destroys it if things go wrong. */
static ssl3KeyPair *