Handle NullPointerException when verifying EKU extension.

The code in X509Util.verifyKeyUsage() calls certificate.getExtendedKeyUsage()
which can crash due to an Android platform bug. It looks like this can only
happen when the EKU extension data is malformed, so handle this special case
by returning false in the function.

BUG=233610

Review URL: https://chromiumcodereview.appspot.com/13829011

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@196542 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 9 insertions, 1 deletions

diff --git a/net/android/java/src/org/chromium/net/X509Util.java b/net/android/java/src/org/chromium/net/X509Util.java
index a50399e..1c0c045 100644
--- a/net/android/java/src/org/chromium/net/X509Util.java
+++ b/net/android/java/src/org/chromium/net/X509Util.java
@@ -150,7 +150,15 @@ public class X509Util {
      * TrustManager and that change is shipped to a large majority of Android users.
      */
     static boolean verifyKeyUsage(X509Certificate certificate) throws CertificateException {
-        List<String> ekuOids = certificate.getExtendedKeyUsage();
+        List<String> ekuOids;
+        try {
+            ekuOids = certificate.getExtendedKeyUsage();
+        } catch (NullPointerException e) {
+            // getExtendedKeyUsage() can crash due to an Android platform bug. This probably
+            // happens when the EKU extension data is malformed so return false here.
+            // See http://crbug.com/233610
+            return false;
+        }
         if (ekuOids == null)
             return true;