Related: tdf#95144 rework to avoid bad casts

Change-Id: I89f84dae055b9a1058771021cb42dbc442405206

3 files changed, 73 insertions, 21 deletions

diff --git a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx
index 49ff9c71f5e4..b41875810bb9 100644
--- a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx
@@ -193,4 +193,29 @@ OString SanExtensionImpl::removeOIDFromString( const OString &oidString)
 
 }
 
+void SanExtensionImpl::setCertExtn( unsigned char* value, unsigned int vlen, unsigned char* id, unsigned int idlen, bool critical ) {
+    unsigned int i ;
+    if( value != nullptr && vlen != 0 ) {
+        Sequence< sal_Int8 > extnv( vlen ) ;
+        for( i = 0; i < vlen ; i ++ )
+            extnv[i] = *( value + i ) ;
+
+        m_xExtnValue = extnv ;
+    } else {
+        m_xExtnValue = Sequence<sal_Int8>();
+    }
+
+    if( id != nullptr && idlen != 0 ) {
+        Sequence< sal_Int8 > extnId( idlen ) ;
+        for( i = 0; i < idlen ; i ++ )
+            extnId[i] = *( id + i ) ;
+
+        m_xExtnId = extnId ;
+    } else {
+        m_xExtnId =  Sequence<sal_Int8>();
+    }
+
+    m_critical = critical ;
+}
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx
index dfbe91fac7bb..53c6814ef3f2 100644
--- a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx
+++ b/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx
@@ -52,6 +52,8 @@ class SanExtensionImpl : public ::cppu::WeakImplHelper<
 
         virtual css::uno::Sequence< sal_Int8 > SAL_CALL getExtensionValue() throw( css::uno::RuntimeException, std::exception ) override ;
 
+        void setCertExtn( unsigned char* value, unsigned int vlen, unsigned char* id, unsigned int idlen, bool critical ) ;
+
         //Methods from XSanExtension
 
         virtual css::uno::Sequence< css::security::CertAltNameEntry > SAL_CALL getAlternativeNames() throw( css::uno::RuntimeException, std::exception ) override ;
diff --git a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx
index 392d1b9bc600..be930a222b3e 100644
--- a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx
@@ -28,6 +28,7 @@
 
 #include <sal/config.h>
 #include <comphelper/servicehelper.hxx>
+#include <rtl/ref.hxx>
 #include "x509certificate_nssimpl.hxx"
 
 #include "certificateextension_xmlsecimpl.hxx"
@@ -178,8 +179,6 @@ css::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSubjectUniqu
 css::uno::Sequence< css::uno::Reference< css::security::XCertificateExtension > > SAL_CALL X509Certificate_NssImpl::getExtensions() throw ( css::uno::RuntimeException, std::exception) {
     if( m_pCert != nullptr && m_pCert->extensions != nullptr ) {
         CERTCertExtension** extns ;
-        CertificateExtension_XmlSecImpl* pExtn ;
-        bool crit ;
         int len ;
 
         for( len = 0, extns = m_pCert->extensions; *extns != nullptr; len ++, extns ++ ) ;
@@ -189,6 +188,12 @@ css::uno::Sequence< css::uno::Reference< css::security::XCertificateExtension >
             const SECItem id = (*extns)->id;
             OString oidString(CERT_GetOidString(&id));
 
+            bool crit;
+            if( (*extns)->critical.data == nullptr )
+                crit = false ;
+            else
+                crit = (*extns)->critical.data[0] == 0xFF;
+
             // remove "OID." prefix if existing
             OString objID;
             OString oid("OID.");
@@ -197,18 +202,23 @@ css::uno::Sequence< css::uno::Reference< css::security::XCertificateExtension >
             else
                 objID = oidString;
 
-            if ( objID.equals("2.5.29.17") )
-                pExtn = reinterpret_cast<CertificateExtension_XmlSecImpl*>(new SanExtensionImpl());
-            else
-                pExtn = new CertificateExtension_XmlSecImpl() ;
+            unsigned char* value = (*extns)->value.data;
+            unsigned int vlen = (*extns)->value.len;
+            unsigned char* objid = reinterpret_cast<unsigned char *>(const_cast<char *>(objID.getStr()));
+            unsigned int objidlen = objID.getLength();
 
-            if( (*extns)->critical.data == nullptr )
-                crit = false ;
+            if (objID.equals("2.5.29.17"))
+            {
+                SanExtensionImpl* pExtn = new SanExtensionImpl();
+                pExtn->setCertExtn(value, vlen, objid, objidlen, crit);
+                xExtns[len] = pExtn ;
+            }
             else
-                crit = (*extns)->critical.data[0] == 0xFF;
-            pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, reinterpret_cast<unsigned char *>(const_cast<char *>(objID.getStr())), objID.getLength(), crit ) ;
-
-            xExtns[len] = pExtn ;
+            {
+                CertificateExtension_XmlSecImpl* pExtn = new CertificateExtension_XmlSecImpl();
+                pExtn->setCertExtn(value, vlen, objid, objidlen, crit);
+                xExtns[len] = pExtn;
+            }
         }
 
         return xExtns ;
@@ -219,33 +229,48 @@ css::uno::Sequence< css::uno::Reference< css::security::XCertificateExtension >
 
 css::uno::Reference< css::security::XCertificateExtension > SAL_CALL X509Certificate_NssImpl::findCertificateExtension( const css::uno::Sequence< sal_Int8 >& oid ) throw (css::uno::RuntimeException, std::exception) {
     if( m_pCert != nullptr && m_pCert->extensions != nullptr ) {
-        CertificateExtension_XmlSecImpl* pExtn ;
         CERTCertExtension** extns ;
         SECItem idItem ;
-        bool crit ;
 
         idItem.data = reinterpret_cast<unsigned char *>(const_cast<sal_Int8 *>(oid.getConstArray()));
         idItem.len = oid.getLength() ;
 
-        pExtn = nullptr ;
+        css::uno::Reference<css::security::XCertificateExtension> xExtn;
         for( extns = m_pCert->extensions; *extns != nullptr; extns ++ ) {
             if( SECITEM_CompareItem( &idItem, &(*extns)->id ) == SECEqual ) {
                 const SECItem id = (*extns)->id;
                 OString objId(CERT_GetOidString(&id));
-                if ( objId.equals("OID.2.5.29.17") )
-                    pExtn = reinterpret_cast<CertificateExtension_XmlSecImpl*>(new SanExtensionImpl());
-                else
-                    pExtn = new CertificateExtension_XmlSecImpl() ;
+
+                bool crit;
                 if( (*extns)->critical.data == nullptr )
                     crit = false ;
                 else
                     crit = (*extns)->critical.data[0] == 0xFF;
-                pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, crit ) ;
+
+                unsigned char* value = (*extns)->value.data;
+                unsigned int vlen = (*extns)->value.len;
+                unsigned char* objid = (*extns)->id.data;
+                unsigned int objidlen = (*extns)->id.len;
+
+                if ( objId.equals("OID.2.5.29.17") )
+                {
+                    rtl::Reference<SanExtensionImpl> xSanImpl(
+                        new SanExtensionImpl());
+                    xSanImpl->setCertExtn(value, vlen, objid, objidlen, crit);
+                    xExtn = xSanImpl.get();
+                }
+                else
+                {
+                    rtl::Reference<CertificateExtension_XmlSecImpl> xSecImpl(
+                        new CertificateExtension_XmlSecImpl());
+                    xSecImpl->setCertExtn(value, vlen, objid, objidlen, crit);
+                    xExtn = xSecImpl.get();
+                }
                 break;
             }
         }
 
-        return pExtn ;
+        return xExtn;
     } else {
         return nullptr ;
     }