diff options
author | Jonathan Dixon <joth@google.com> | 2012-06-06 17:47:18 -0700 |
---|---|---|
committer | Jonathan Dixon <joth@google.com> | 2012-06-07 10:39:44 -0700 |
commit | 95b2bad159f2dbca0555e82f156db8424b75c2b8 (patch) | |
tree | 110e6573035af6678ad5c924d1e21a8285f6b917 /net/base/x509_certificate.h | |
parent | f4dca79bcaa251f18d504a81766e3f5a6397ba43 (diff) | |
download | external_chromium-95b2bad159f2dbca0555e82f156db8424b75c2b8.zip external_chromium-95b2bad159f2dbca0555e82f156db8424b75c2b8.tar.gz external_chromium-95b2bad159f2dbca0555e82f156db8424b75c2b8.tar.bz2 |
Work around for use-after-free cert bug
Holds a strong references in the cert cache.
This is a simpler alternative to full backport of upstream fix,
from http://crrev.com/92977 -- see bug for more details.
BUG: 6508448
Change-Id: Ib47ca2e33b9e43ac47baf645069ecaab257ec74a
Diffstat (limited to 'net/base/x509_certificate.h')
-rw-r--r-- | net/base/x509_certificate.h | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/net/base/x509_certificate.h b/net/base/x509_certificate.h index 89865cc..a66fad9 100644 --- a/net/base/x509_certificate.h +++ b/net/base/x509_certificate.h @@ -137,7 +137,7 @@ class NET_EXPORT X509Certificate : public base::RefCountedThreadSafe<X509Certifi // cache isn't caching the corresponding intermediate CA certificates yet // (http://crbug.com/7065). // The returned pointer must be stored in a scoped_refptr<X509Certificate>. - static X509Certificate* CreateFromHandle(OSCertHandle cert_handle, + static scoped_refptr<X509Certificate> CreateFromHandle(OSCertHandle cert_handle, Source source, const OSCertHandles& intermediates); @@ -147,14 +147,14 @@ class NET_EXPORT X509Certificate : public base::RefCountedThreadSafe<X509Certifi // certificates. See the comment for |CreateFromHandle| about the |source| // argument. // The returned pointer must be stored in a scoped_refptr<X509Certificate>. - static X509Certificate* CreateFromDERCertChain( + static scoped_refptr<X509Certificate> CreateFromDERCertChain( const std::vector<base::StringPiece>& der_certs); // Create an X509Certificate from the DER-encoded representation. // Returns NULL on failure. // // The returned pointer must be stored in a scoped_refptr<X509Certificate>. - static X509Certificate* CreateFromBytes(const char* data, int length); + static scoped_refptr<X509Certificate> CreateFromBytes(const char* data, int length); // Create an X509Certificate from the representation stored in the given // pickle. The data for this object is found relative to the given @@ -162,7 +162,7 @@ class NET_EXPORT X509Certificate : public base::RefCountedThreadSafe<X509Certifi // Returns NULL on failure. // // The returned pointer must be stored in a scoped_refptr<X509Certificate>. - static X509Certificate* CreateFromPickle(const Pickle& pickle, + static scoped_refptr<X509Certificate> CreateFromPickle(const Pickle& pickle, void** pickle_iter, PickleType type); @@ -192,7 +192,7 @@ class NET_EXPORT X509Certificate : public base::RefCountedThreadSafe<X509Certifi // 2. Self-signed certificates cannot be revoked. // // Use this certificate only after the above risks are acknowledged. - static X509Certificate* CreateSelfSigned(crypto::RSAPrivateKey* key, + static scoped_refptr<X509Certificate> CreateSelfSigned(crypto::RSAPrivateKey* key, const std::string& subject, uint32 serial_number, base::TimeDelta valid_duration); |