From b9eaeba71f52939557b8abc5042902e50d5ccd2e Mon Sep 17 00:00:00 2001
From: jbroman <jbroman@chromium.org>
Date: Thu, 20 Oct 2016 10:27:21 -0700
Subject: [PATCH] Return nullptr from RTCCertificate::FromPEM on failure.

BUG=webrtc:6488

Review-Url: https://codereview.webrtc.org/2424093002
Cr-Commit-Position: refs/heads/master@{#14710}
---
 webrtc/base/rtccertificate.cc          | 2 ++
 webrtc/base/rtccertificate.h           | 1 +
 webrtc/base/rtccertificate_unittest.cc | 6 ++++++
 3 files changed, 9 insertions(+)

diff --git a/webrtc/base/rtccertificate.cc b/webrtc/base/rtccertificate.cc
index 574bf75bf2..3b3b8c9e89 100644
--- a/webrtc/base/rtccertificate.cc
+++ b/webrtc/base/rtccertificate.cc
@@ -54,6 +54,8 @@ scoped_refptr<RTCCertificate> RTCCertificate::FromPEM(
     const RTCCertificatePEM& pem) {
   std::unique_ptr<SSLIdentity> identity(SSLIdentity::FromPEMStrings(
       pem.private_key(), pem.certificate()));
+  if (!identity)
+    return nullptr;
   return new RefCountedObject<RTCCertificate>(identity.release());
 }
 
diff --git a/webrtc/base/rtccertificate.h b/webrtc/base/rtccertificate.h
index 46d6fd427c..24170208eb 100644
--- a/webrtc/base/rtccertificate.h
+++ b/webrtc/base/rtccertificate.h
@@ -66,6 +66,7 @@ class RTCCertificate : public RefCountInterface {
 
   // To/from PEM, a text representation of the RTCCertificate.
   RTCCertificatePEM ToPEM() const;
+  // Can return nullptr if the certificate is invalid.
   static scoped_refptr<RTCCertificate> FromPEM(const RTCCertificatePEM& pem);
   bool operator==(const RTCCertificate& certificate) const;
   bool operator!=(const RTCCertificate& certificate) const;
diff --git a/webrtc/base/rtccertificate_unittest.cc b/webrtc/base/rtccertificate_unittest.cc
index f5df7f1130..b318717790 100644
--- a/webrtc/base/rtccertificate_unittest.cc
+++ b/webrtc/base/rtccertificate_unittest.cc
@@ -137,4 +137,10 @@ TEST_F(RTCCertificateTest, CloneWithPEMSerialization) {
   EXPECT_EQ(orig->Expires(), clone->Expires());
 }
 
+TEST_F(RTCCertificateTest, FromPEMWithInvalidPEM) {
+  RTCCertificatePEM pem("not a valid PEM", "not a valid PEM");
+  scoped_refptr<RTCCertificate> certificate = RTCCertificate::FromPEM(pem);
+  EXPECT_FALSE(certificate);
+}
+
 }  // namespace rtc