From f7b6acfc03068b06c429386925623a81936f285a Mon Sep 17 00:00:00 2001
From: Alexander Scheel <ascheel@redhat.com>
Date: Wed, 15 Apr 2020 10:59:16 -0400
Subject: [PATCH] Handle NULL pointers in releaseNativeResources

In the style of the previous commit, ensure all pointers are
non-NULL before continuing to free them. Some of these are excessive as
NSS does do some checking, but in this case consistency is better.

Signed-off-by: Alexander Scheel <ascheel@redhat.com>
---
 org/mozilla/jss/pkcs11/PK11Cert.c      |  2 +-
 org/mozilla/jss/pkcs11/PK11Module.c    | 12 +++++-------
 org/mozilla/jss/pkcs11/PK11PrivKey.c   |  2 +-
 org/mozilla/jss/pkcs11/PK11Signature.c | 19 +++++++------------
 org/mozilla/jss/pkcs11/PK11SymKey.c    |  6 ++----
 org/mozilla/jss/pkcs11/PK11Token.c     |  2 +-
 6 files changed, 17 insertions(+), 26 deletions(-)

diff --git a/org/mozilla/jss/pkcs11/PK11Cert.c b/org/mozilla/jss/pkcs11/PK11Cert.c
index e8fdbb193..e9aa3312d 100644
--- a/org/mozilla/jss/pkcs11/PK11Cert.c
+++ b/org/mozilla/jss/pkcs11/PK11Cert.c
@@ -169,7 +169,7 @@ JNIEXPORT void JNICALL
 Java_org_mozilla_jss_pkcs11_CertProxy_releaseNativeResources
   (JNIEnv *env, jobject this)
 {
-	CERTCertificate *cert;
+	CERTCertificate *cert = NULL;
 	PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
 
 	PR_ASSERT(env!=NULL && this!=NULL);
diff --git a/org/mozilla/jss/pkcs11/PK11Module.c b/org/mozilla/jss/pkcs11/PK11Module.c
index ce86ad613..ba0c0fb17 100644
--- a/org/mozilla/jss/pkcs11/PK11Module.c
+++ b/org/mozilla/jss/pkcs11/PK11Module.c
@@ -220,16 +220,14 @@ JNIEXPORT void JNICALL
 Java_org_mozilla_jss_pkcs11_ModuleProxy_releaseNativeResources
     (JNIEnv *env, jobject this)
 {
-    SECMODModule *module;
+    SECMODModule *module = NULL;
 
     if (JSS_getPtrFromProxy(env, this, (void **)&module) != PR_SUCCESS) {
         ASSERT_OUTOFMEM(env);
-        goto finish;
+        return;
     }
-    PR_ASSERT(module != NULL);
-
-    SECMOD_DestroyModule(module);
 
-finish:
-    return;
+    if (module != NULL) {
+        SECMOD_DestroyModule(module);
+    }
 }
diff --git a/org/mozilla/jss/pkcs11/PK11PrivKey.c b/org/mozilla/jss/pkcs11/PK11PrivKey.c
index cc3314405..dfb21fb6a 100644
--- a/org/mozilla/jss/pkcs11/PK11PrivKey.c
+++ b/org/mozilla/jss/pkcs11/PK11PrivKey.c
@@ -226,7 +226,7 @@ JNIEXPORT void JNICALL
 Java_org_mozilla_jss_pkcs11_PrivateKeyProxy_releaseNativeResources
   (JNIEnv *env, jobject this)
 {
-    SECKEYPrivateKey *privk;
+    SECKEYPrivateKey *privk = NULL;
     PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
 
     PR_ASSERT(env!=NULL && this!=NULL);
diff --git a/org/mozilla/jss/pkcs11/PK11Signature.c b/org/mozilla/jss/pkcs11/PK11Signature.c
index db97fff08..d7deaa7b3 100644
--- a/org/mozilla/jss/pkcs11/PK11Signature.c
+++ b/org/mozilla/jss/pkcs11/PK11Signature.c
@@ -606,18 +606,16 @@ JNIEXPORT void JNICALL
 Java_org_mozilla_jss_pkcs11_SigContextProxy_releaseNativeResources
   (JNIEnv *env, jobject this)
 {
-    SigContextProxy *proxy;
+    SigContextProxy *proxy = NULL;
 
     /* Retrieve the proxy pointer */
-    if( JSS_getPtrFromProxy(env, this, (void**)&proxy) != PR_SUCCESS) {
-#ifdef DEBUG
-        PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
-        PR_fprintf(PR_STDERR,
-                    "ERROR: native signature context was not released\n");
-#endif
-        goto finish;
+    if (JSS_getPtrFromProxy(env, this, (void**)&proxy) != PR_SUCCESS) {
+        return;
+    }
+
+    if (proxy == NULL) {
+        return;
     }
-    PR_ASSERT(proxy!=NULL);
 
     /* Free the context and the proxy */
     if(proxy->type == SGN_CONTEXT) {
@@ -627,9 +625,6 @@ Java_org_mozilla_jss_pkcs11_SigContextProxy_releaseNativeResources
         VFY_DestroyContext( (VFYContext*)proxy->ctxt, PR_TRUE /*freeit*/);
     }
     PR_Free(proxy);
-
-finish:
-    ;
 }
 
 /***********************************************************************
diff --git a/org/mozilla/jss/pkcs11/PK11SymKey.c b/org/mozilla/jss/pkcs11/PK11SymKey.c
index 8eaf9b77e..a441fb804 100644
--- a/org/mozilla/jss/pkcs11/PK11SymKey.c
+++ b/org/mozilla/jss/pkcs11/PK11SymKey.c
@@ -364,10 +364,8 @@ Java_org_mozilla_jss_pkcs11_SymKeyProxy_releaseNativeResources
 
     PR_ASSERT(env!=NULL && this!=NULL);
 
-    if( JSS_getPtrFromProxy(env, this, (void**)&key) == PR_SUCCESS) {
+    if (JSS_getPtrFromProxy(env, this, (void**)&key) == PR_SUCCESS &&
+        key != NULL) {
         PK11_FreeSymKey(key);
-    } else {
-        /* can't really throw an exception from a destructor */
-        PR_ASSERT(PR_FALSE);
     }
 }
diff --git a/org/mozilla/jss/pkcs11/PK11Token.c b/org/mozilla/jss/pkcs11/PK11Token.c
index 06c38c42f..1f929fba2 100644
--- a/org/mozilla/jss/pkcs11/PK11Token.c
+++ b/org/mozilla/jss/pkcs11/PK11Token.c
@@ -795,7 +795,7 @@ JNIEXPORT void JNICALL
 Java_org_mozilla_jss_pkcs11_TokenProxy_releaseNativeResources
   (JNIEnv *env, jobject this)
 {
-    PK11SlotInfo *slot;
+    PK11SlotInfo *slot = NULL;
 
     PR_ASSERT(env!=NULL && this!=NULL);