Return nullptr from RTCCertificate::FromPEM on failure.
BUG=webrtc:6488
Review-Url: https://codereview.webrtc.org/2424093002
Cr-Commit-Position: refs/heads/master@{#14710}
diff --git a/webrtc/base/rtccertificate.cc b/webrtc/base/rtccertificate.cc
index 574bf75..3b3b8c9 100644
--- a/webrtc/base/rtccertificate.cc
+++ b/webrtc/base/rtccertificate.cc
@@ -54,6 +54,8 @@
const RTCCertificatePEM& pem) {
std::unique_ptr<SSLIdentity> identity(SSLIdentity::FromPEMStrings(
pem.private_key(), pem.certificate()));
+ if (!identity)
+ return nullptr;
return new RefCountedObject<RTCCertificate>(identity.release());
}
diff --git a/webrtc/base/rtccertificate.h b/webrtc/base/rtccertificate.h
index 46d6fd4..2417020 100644
--- a/webrtc/base/rtccertificate.h
+++ b/webrtc/base/rtccertificate.h
@@ -66,6 +66,7 @@
// To/from PEM, a text representation of the RTCCertificate.
RTCCertificatePEM ToPEM() const;
+ // Can return nullptr if the certificate is invalid.
static scoped_refptr<RTCCertificate> FromPEM(const RTCCertificatePEM& pem);
bool operator==(const RTCCertificate& certificate) const;
bool operator!=(const RTCCertificate& certificate) const;
diff --git a/webrtc/base/rtccertificate_unittest.cc b/webrtc/base/rtccertificate_unittest.cc
index f5df7f1..b318717 100644
--- a/webrtc/base/rtccertificate_unittest.cc
+++ b/webrtc/base/rtccertificate_unittest.cc
@@ -137,4 +137,10 @@
EXPECT_EQ(orig->Expires(), clone->Expires());
}
+TEST_F(RTCCertificateTest, FromPEMWithInvalidPEM) {
+ RTCCertificatePEM pem("not a valid PEM", "not a valid PEM");
+ scoped_refptr<RTCCertificate> certificate = RTCCertificate::FromPEM(pem);
+ EXPECT_FALSE(certificate);
+}
+
} // namespace rtc