Closed Bug 144309 Opened 22 years ago Closed 22 years ago

STAN_GetCERTCertificate return value not checked

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: julien.pierre, Assigned: bugz)

References

Details

(Whiteboard: [adt2 RTM])

Attachments

(1 file, 1 obsolete file)

handle NULL rv's from all STAN_GetCERTCertificate calls
6.63 KB, patch
wtc
: review+
Details | Diff | Splinter Review 
In many parts of stanpcertdb.c , the returned CERTCertificate pointer is not 
checked. It can be NULL, for example for newly-decoded certificates.
OS: Windows 2000 → All
Priority: -- → P2
Target Milestone: --- → 3.5

    
    

    
  
Assigned the bug to Ian.
Assignee: wtc → ian.mcgreer

    
    

    
  


  
This patch expands on the last one, to find all places where return from
STAN_GetCERTCertificate can return NULL.  As Julien noted, that can occur if
the encoding was somehow invalid, or if CERT_DecodeDERCertificate failed for
some other reason.

This patch is somewhat paranoid.  The most important change is in pkibase.c,
where cert_CreateObject returns NULL if STAN_GetCERTCertificate fails.	At that
point, even the NSSCertificate is destroyed, and it disappears from the system.
 So in reality, hitting failure cases anywhere else should not happen.	But I
decided to be strict anyway.

    
  

        Attachment #83434 -
        Attachment is obsolete: true

    
    

    
  
Comment on attachment 83794 [details] [diff] [review]
handle NULL rv's from all STAN_GetCERTCertificate calls

r=wtc.

        Attachment #83794 -
        Flags: review+

    
    

    
  
checked into NSS_3_5_BRANCH and tip.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED

    
  
Blocks: 145836

    
    

    
  
adt1.0.1+ (on ADT's behalf) for checkin to the 1.0 branch. Pls check this in
asap. thanks! 
Keywords: adt1.0.1+, 
          
            mozilla1.0.1, 
          
            nsbeta1+
Whiteboard: [adt2 RTM]

    
  
Keywords: adt1.0.1+, 
          
            mozilla1.0.1fixed1.0.1

    
    

    
  
Verified in the latest branch code.  The patch is intact.
Status: RESOLVED → VERIFIED
Keywords: fixed1.0.1verified1.0.1

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: