From: Apple Date: Tue, 5 Mar 2013 23:16:45 +0000 (+0000) Subject: Security-55179.13.tar.gz X-Git-Tag: mac-os-x-1084^0 X-Git-Url: https://git.saurik.com/apple/security.git/commitdiff_plain/c38e3ce98599a410a47dc10253faa4d5830f13b2 Security-55179.13.tar.gz --- diff --git a/lib/Info-Security.plist b/lib/Info-Security.plist index 07a2c204..65447ee7 100644 --- a/lib/Info-Security.plist +++ b/lib/Info-Security.plist @@ -19,6 +19,6 @@ CFBundleSignature ???? CFBundleVersion - 55179.11 + 55179.13 diff --git a/lib/plugins/csparser-Info.plist b/lib/plugins/csparser-Info.plist index 71e78740..28d41d49 100644 --- a/lib/plugins/csparser-Info.plist +++ b/lib/plugins/csparser-Info.plist @@ -17,7 +17,7 @@ CFBundleSignature ???? CFBundleVersion - 55179.11 + 55179.13 CFBundleShortVersionString 3.0 diff --git a/libsecurity_cdsa_utilities/lib/cssmdb.h b/libsecurity_cdsa_utilities/lib/cssmdb.h index a8bf1dd3..f4fa0bef 100644 --- a/libsecurity_cdsa_utilities/lib/cssmdb.h +++ b/libsecurity_cdsa_utilities/lib/cssmdb.h @@ -672,7 +672,8 @@ public: const CssmSubserviceUid &ssuid() const { return mImpl->ssuid(); } const char *dbName() const { return mImpl->dbName(); } const CssmNetAddress *dbLocation() const { return mImpl->dbLocation(); } - + bool IsImplEmpty() const {return mImpl == NULL;} + RefPointer mImpl; }; diff --git a/libsecurity_cdsa_utilities/lib/cssmpods.cpp b/libsecurity_cdsa_utilities/lib/cssmpods.cpp index 60e5ddd0..d17dba41 100644 --- a/libsecurity_cdsa_utilities/lib/cssmpods.cpp +++ b/libsecurity_cdsa_utilities/lib/cssmpods.cpp @@ -133,6 +133,12 @@ CssmSubserviceUid::CssmSubserviceUid(const CSSM_GUID &guid, bool CssmSubserviceUid::operator == (const CSSM_SUBSERVICE_UID &otherUid) const { + // make sure we don't crash if we get bad data + if (&otherUid == 0x0) + { + return false; + } + const CssmSubserviceUid &other = CssmSubserviceUid::overlay(otherUid); return subserviceId() == other.subserviceId() && subserviceType() == other.subserviceType() @@ -141,6 +147,11 @@ bool CssmSubserviceUid::operator == (const CSSM_SUBSERVICE_UID &otherUid) const bool CssmSubserviceUid::operator < (const CSSM_SUBSERVICE_UID &otherUid) const { + if (&otherUid == 0x0) + { + return false; + } + const CssmSubserviceUid &other = CssmSubserviceUid::overlay(otherUid); if (subserviceId() < other.subserviceId()) return true; diff --git a/libsecurity_keychain/lib/DLDBListCFPref.cpp b/libsecurity_keychain/lib/DLDBListCFPref.cpp index ee11d931..7043a1bb 100644 --- a/libsecurity_keychain/lib/DLDBListCFPref.cpp +++ b/libsecurity_keychain/lib/DLDBListCFPref.cpp @@ -863,6 +863,11 @@ DLDbListCFPref::rename(const DLDbIdentifier &oldId, const DLDbIdentifier &newId) bool DLDbListCFPref::member(const DLDbIdentifier &dldbIdentifier) { + if (dldbIdentifier.IsImplEmpty()) + { + return false; + } + for (vector::const_iterator ix = searchList().begin(); ix != mSearchList.end(); ++ix) { if (ix->mImpl == NULL) diff --git a/libsecurity_keychain/lib/KeyItem.cpp b/libsecurity_keychain/lib/KeyItem.cpp index 5e91524a..0b7149d0 100644 --- a/libsecurity_keychain/lib/KeyItem.cpp +++ b/libsecurity_keychain/lib/KeyItem.cpp @@ -1158,7 +1158,7 @@ KeyItem::generate(Keychain keychain, void KeyItem::RawSign(SecPadding padding, CSSM_DATA dataToSign, const AccessCredentials *credentials, CSSM_DATA& signature) { CSSM_ALGORITHMS baseAlg = key()->header().algorithm(); - if (baseAlg != CSSM_ALGID_RSA) + if ((baseAlg != CSSM_ALGID_RSA) && (baseAlg != CSSM_ALGID_ECDSA)) { MacOSError::throwMe(paramErr); } @@ -1216,7 +1216,7 @@ void KeyItem::RawSign(SecPadding padding, CSSM_DATA dataToSign, const AccessCred void KeyItem::RawVerify(SecPadding padding, CSSM_DATA dataToVerify, const AccessCredentials *credentials, CSSM_DATA sig) { CSSM_ALGORITHMS baseAlg = key()->header().algorithm(); - if (baseAlg != CSSM_ALGID_RSA) + if ((baseAlg != CSSM_ALGID_RSA) && (baseAlg != CSSM_ALGID_ECDSA)) { MacOSError::throwMe(paramErr); }