Bug 1169890 - Check return values for CryptoBuffer.Assign() calls r=rbarnes

dom/crypto/CryptoKey.cpp

@@ -550,7 +550,9 @@ CryptoKey::PrivateKeyToPkcs8(SECKEYPrivateKey* aPrivKey,
   if (!pkcs8Item.get()) {
     return NS_ERROR_DOM_INVALID_ACCESS_ERR;
   }
-  aRetVal.Assign(pkcs8Item.get());
+  if (!aRetVal.Assign(pkcs8Item.get())) {
+    return NS_ERROR_DOM_OPERATION_ERR;
+  }
   return NS_OK;
 }
 
@@ -647,7 +649,9 @@ CryptoKey::PublicKeyToSpki(SECKEYPublicKey* aPubKey,
   const SEC_ASN1Template* tpl = SEC_ASN1_GET(CERT_SubjectPublicKeyInfoTemplate);
   ScopedSECItem spkiItem(SEC_ASN1EncodeItem(nullptr, nullptr, spki, tpl));
 
-  aRetVal.Assign(spkiItem.get());
+  if (!aRetVal.Assign(spkiItem.get())) {
+    return NS_ERROR_DOM_OPERATION_ERR;
+  }
   return NS_OK;
 }
 
@@ -1125,7 +1129,9 @@ CryptoKey::PublicDhKeyToRaw(SECKEYPublicKey* aPubKey,
                             CryptoBuffer& aRetVal,
                             const nsNSSShutDownPreventionLock& /*proofOfLock*/)
 {
-  aRetVal.Assign(&aPubKey->u.dh.publicValue);
+  if (!aRetVal.Assign(&aPubKey->u.dh.publicValue)) {
+    return NS_ERROR_DOM_OPERATION_ERR;
+  }
   return NS_OK;
 }
 

dom/crypto/KeyAlgorithmProxy.h

@@ -109,7 +109,7 @@ struct KeyAlgorithmProxy
     mHmac.mHash.mName = aHashName;
   }
 
-  void
+  bool
   MakeRsa(const nsString& aName, uint32_t aModulusLength,
          const CryptoBuffer& aPublicExponent, const nsString& aHashName)
   {
@@ -118,7 +118,10 @@ struct KeyAlgorithmProxy
     mRsa.mName = aName;
     mRsa.mModulusLength = aModulusLength;
     mRsa.mHash.mName = aHashName;
-    mRsa.mPublicExponent.Assign(aPublicExponent);
+    if (!mRsa.mPublicExponent.Assign(aPublicExponent)) {
+      return false;
+    }
+    return true;
   }
 
   void
@@ -130,15 +133,20 @@ struct KeyAlgorithmProxy
     mEc.mNamedCurve = aNamedCurve;
   }
 
-  void
+  bool
   MakeDh(const nsString& aName, const CryptoBuffer& aPrime,
          const CryptoBuffer& aGenerator)
   {
     mType = DH;
     mName = aName;
     mDh.mName = aName;
-    mDh.mPrime.Assign(aPrime);
-    mDh.mGenerator.Assign(aGenerator);
+    if (!mDh.mPrime.Assign(aPrime)) {
+      return false;
+    }
+    if (!mDh.mGenerator.Assign(aGenerator)) {
+      return false;
+    }
+    return true;
   }
 };
 

dom/crypto/WebCryptoTask.cpp

@@ -1603,7 +1603,9 @@ private:
 
     // Extract relevant information from the public key
     mModulusLength = 8 * pubKey->u.rsa.modulus.len;
-    mPublicExponent.Assign(&pubKey->u.rsa.publicExponent);
+    if (!mPublicExponent.Assign(&pubKey->u.rsa.publicExponent)) {
+      return NS_ERROR_DOM_OPERATION_ERR;
+    }
 
     return NS_OK;
   }
@@ -1628,8 +1630,10 @@ private:
     }
 
     // Set an appropriate KeyAlgorithm
-    mKey->Algorithm().MakeRsa(mAlgName, mModulusLength,
-                              mPublicExponent, mHashName);
+    if (!mKey->Algorithm().MakeRsa(mAlgName, mModulusLength,
+                                   mPublicExponent, mHashName)) {
+      return NS_ERROR_DOM_OPERATION_ERR;
+    }
 
     if (mDataIsJwk && !JwkCompatible(mJwk, mKey)) {
       return NS_ERROR_DOM_DATA_ERR;
@@ -1879,7 +1883,9 @@ private:
       return NS_ERROR_DOM_DATA_ERR;
     }
 
-    mKey->Algorithm().MakeDh(mAlgName, mPrime, mGenerator);
+    if (!mKey->Algorithm().MakeDh(mAlgName, mPrime, mGenerator)) {
+      return NS_ERROR_DOM_OPERATION_ERR;
+    }
     return NS_OK;
   }
 };
@@ -2211,14 +2217,20 @@ public:
       }
 
       // Create algorithm
-      mKeyPair.mPublicKey.get()->Algorithm().MakeRsa(algName,
-                                                     modulusLength,
-                                                     publicExponent,
-                                                     hashName);
-      mKeyPair.mPrivateKey.get()->Algorithm().MakeRsa(algName,
-                                                      modulusLength,
-                                                      publicExponent,
-                                                      hashName);
+      if (!mKeyPair.mPublicKey.get()->Algorithm().MakeRsa(algName,
+                                                          modulusLength,
+                                                          publicExponent,
+                                                          hashName)) {
+        mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
+        return;
+      }
+      if (!mKeyPair.mPrivateKey.get()->Algorithm().MakeRsa(algName,
+                                                           modulusLength,
+                                                           publicExponent,
+                                                           hashName)) {
+        mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
+        return;
+      }
       mMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
 
       // Set up params struct
@@ -2268,8 +2280,18 @@ public:
       }
 
       // Create algorithm.
-      mKeyPair.mPublicKey.get()->Algorithm().MakeDh(algName, prime, generator);
-      mKeyPair.mPrivateKey.get()->Algorithm().MakeDh(algName, prime, generator);
+      if (!mKeyPair.mPublicKey.get()->Algorithm().MakeDh(algName,
+                                                         prime,
+                                                         generator)) {
+        mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
+        return;
+      }
+      if (!mKeyPair.mPrivateKey.get()->Algorithm().MakeDh(algName,
+                                                          prime,
+                                                          generator)) {
+        mEarlyRv = NS_ERROR_DOM_OPERATION_ERR;
+        return;
+      }
       mMechanism = CKM_DH_PKCS_KEY_PAIR_GEN;
     } else {
       mEarlyRv = NS_ERROR_DOM_NOT_SUPPORTED_ERR;
@@ -2789,7 +2811,9 @@ private:
       }
 
       NS_ConvertUTF16toUTF8 utf8(json);
-      mResult.Assign((const uint8_t*) utf8.BeginReading(), utf8.Length());
+      if (!mResult.Assign((const uint8_t*) utf8.BeginReading(), utf8.Length())) {
+        return NS_ERROR_DOM_OPERATION_ERR;
+      }
     }
 
     return NS_OK;