Merge 196542 "Handle NullPointerException when verifying EKU ext..."

> Handle NullPointerException when verifying EKU extension.
> 
> The code in X509Util.verifyKeyUsage() calls certificate.getExtendedKeyUsage()
> which can crash due to an Android platform bug. It looks like this can only
> happen when the EKU extension data is malformed, so handle this special case
> by returning false in the function.
> 
> BUG=233610
> 
> Review URL: https://chromiumcodereview.appspot.com/13829011

TBR=digit@chromium.org

Review URL: https://codereview.chromium.org/14858028

git-svn-id: svn://svn.chromium.org/chrome/branches/1453/src@199266 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 9 insertions, 1 deletions

diff --git a/net/android/java/src/org/chromium/net/X509Util.java b/net/android/java/src/org/chromium/net/X509Util.java
index 15481e9..40beaf9 100644
--- a/net/android/java/src/org/chromium/net/X509Util.java
+++ b/net/android/java/src/org/chromium/net/X509Util.java
@@ -150,7 +150,15 @@ public class X509Util {
      * TrustManager and that change is shipped to a large majority of Android users.
      */
     static boolean verifyKeyUsage(X509Certificate certificate) throws CertificateException {
-        List<String> ekuOids = certificate.getExtendedKeyUsage();
+        List<String> ekuOids;
+        try {
+            ekuOids = certificate.getExtendedKeyUsage();
+        } catch (NullPointerException e) {
+            // getExtendedKeyUsage() can crash due to an Android platform bug. This probably
+            // happens when the EKU extension data is malformed so return false here.
+            // See http://crbug.com/233610
+            return false;
+        }
         if (ekuOids == null)
             return true;