494087 - Passing NULL as the value of cert_pi_trustAnchors causes a crash in cert_pkixSetParam. r=wtc.

git-svn-id: svn://10.0.0.236/trunk@257299 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/security/nss/lib/certdb/certt.h

@@ -36,7 +36,7 @@
 /*
  * certt.h - public data structures for the certificate library
  *
- * $Id: certt.h,v 1.51 2009-05-22 04:29:55 wtc%google.com Exp $
+ * $Id: certt.h,v 1.52 2009-05-29 18:10:38 alexei.volkov.bugs%sun.com Exp $
  */
 #ifndef _CERTT_H_
 #define _CERTT_H_
@@ -940,8 +940,13 @@ typedef enum {
    cert_pi_certStores      = 10,/* Bitmask of Cert Store flags (see below)
 				 * Set in value.scalar.ui */
    cert_pi_trustAnchors    = 11,/* Specify the list of trusted roots to 
-				 * validate against. If the list in NULL all
-				 * default trusted roots are used.
+				 * validate against. 
+				 * The default set of trusted roots, these are
+				 * root CA certs from libnssckbi.so or CA
+				 * certs trusted by user, are used in any of
+				 * the following cases:
+				 *      * when the parameter is not set.
+				 *      * when the list of trust anchors is empty.
 				 * Specified in value.pointer.chain */
    cert_pi_useAIACertFetch = 12, /* Enables cert fetching using AIA extension.
 				 * In NSS 3.12.1 or later. Default is off.

mozilla/security/nss/lib/certhigh/certvfypkix.c

@@ -1690,7 +1690,11 @@ cert_pkixSetParam(PKIX_ProcessingParams *procParams,
 
         case cert_pi_trustAnchors:
             certList = param->value.pointer.chain;
-
+            if (!certList) {
+                PORT_SetError(errCode);
+                r = SECFailure;
+                break;
+            }
             error = PKIX_List_Create(&certListPkix, plContext);
             if (error != NULL) {
                 break;