Skip to content
  • Kamil Dudka's avatar
    nss: prevent NSS from crashing on client auth hook failure · 68d2830e
    Kamil Dudka authored
    Although it is not explicitly stated in the documentation, NSS uses
    *pRetCert and *pRetKey even if the client authentication hook returns
    a failure.  Namely, if we destroy *pRetCert without clearing *pRetCert
    afterwards, NSS destroys the certificate once again, which causes a
    double free.
    
    Reported by: Bob Relyea
    68d2830e