Index: mozilla/security/nss/cmd/lib/secutil.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/lib/secutil.c,v
retrieving revision 1.126
diff -u -u -r1.126 secutil.c
--- mozilla/security/nss/cmd/lib/secutil.c	7 Jan 2013 04:11:49 -0000	1.126
+++ mozilla/security/nss/cmd/lib/secutil.c	19 Apr 2013 22:43:02 -0000
@@ -504,6 +504,8 @@
 
 	/* Read in ascii data */
 	rv = SECU_FileToItem(&filedata, inFile);
+	if (rv != SECSuccess)
+	    return rv;
 	asc = (char *)filedata.data;
 	if (!asc) {
 	    fprintf(stderr, "unable to read data from input file\n");
@@ -519,20 +521,28 @@
 		body = PORT_Strchr(asc, '\r'); /* maybe this is a MAC file */
 	    if (body)
 		trailer = strstr(++body, "-----END");
-	    if (trailer != NULL) {
+	    if (trailer != NULL)
 		*trailer = '\0';
-	    } else {
+	    if (!body || !trailer) {
 		fprintf(stderr, "input has header but no trailer\n");
 		PORT_Free(filedata.data);
 		return SECFailure;
 	    }
 	} else {
-	    body = asc;
+	    /* need one additional byte for zero terminator */
+	    rv = SECITEM_ReallocItem(NULL, &filedata, filedata.len, filedata.len+1);
+	    if (rv != SECSuccess) {
+		PORT_Free(filedata.data);
+		return rv;
+	    }
+	    filedata.len = filedata.len+1;
+	    body = (char*)filedata.data;
+	    body[filedata.len-1] = '\0';
 	}
      
 	/* Convert to binary */
 	rv = ATOB_ConvertAsciiToItem(der, body);
-	if (rv) {
+	if (rv != SECSuccess) {
 	    fprintf(stderr, "error converting ascii to binary (%s)\n",
 		    SECU_Strerror(PORT_GetError()));
 	    PORT_Free(filedata.data);
@@ -543,7 +553,7 @@
     } else {
 	/* Read in binary der */
 	rv = SECU_FileToItem(der, inFile);
-	if (rv) {
+	if (rv != SECSuccess) {
 	    fprintf(stderr, "error converting der (%s)\n", 
 		    SECU_Strerror(PORT_GetError()));
 	    return SECFailure;