Closed Bug 178342 Opened 22 years ago Closed 22 years ago

SSL_SecurityStatus() crashes when AES ciphersuite in use

Categories

(NSS :: Libraries, defect, P1)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: nelson, Assigned: nelson)

Details

Attachments

(1 file)

fix bulk cipher string table, add comment to enum type
1.08 KB, patch
Details | Diff | Splinter Review
When the AES ciphersuites were added to NSS 3.4, the 128-bit and 256-bit AES bulk ciphers were added to the enumerated type SSL3BulkCipher, but the corresponding strings "AES-128" and "AES-256" were not added to the table of bulk cipher names known as ssl3_cipherName[] in ssl3con.c. Consequently, when an NSS user calls SSL_SecurityStatus for an SSL socket that is using 256-bit AES, a crash occurs because a pointer is obtained from past the end of the ssl3_cipherName table. The strings should be added to ssl3_cipherName, and a comment should be added to the enum SSL3BulkCipher, reminding developers to keep the array of strings in sync with the enum.
I'm marking this P1 for 3.7. If you think it needs to go into 3.6.1, please advise.
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → 3.7
Does Mozilla/Netscape use AES? If so we should definately get it in NSS 3.6. I would vote for getting it in either case anyway, but I'm not sure it would be as critical to do so. bob
This bug was reported by a server product that uses NSS. I _think_ that PSM has switched from using SSL_SecurityStatus to using SSL_GetChannelInfo and SSL_GetCipherSuiteInfo, which do not have this problem. NSS stopped testing SSL_SecurityStatus when SSL_GetChannelInfo and SSL_GetCipherSuiteInfo were added to libSSL.
Fixed on trunk and in NSS 3.6.1 branch.
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Target Milestone: 3.7 → 3.6.1
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: