Closed
Bug 233019
Opened 21 years ago
Closed 21 years ago
CERT_FindCertByKeyID crashes using NULL ptr
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.10
People
(Reporter: nelson, Assigned: nelson)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
|
1.48 KB,
patch
|
julien.pierre
:
review+
|
Details | Diff | Splinter Review |
CERT_FindCertByKeyID is needed to find the CA cert that issued a CRL.
But the present implementation is badly broken.
It uses a cert pointer that is always NULL.
I have coded and tested a fix.
Patch forthcoming.
|
Assignee | |
Comment 1•21 years ago
|
||
Marking p2 for NSS 3.10. If desired, this patch can be put in 3.9.1
Status: NEW → ASSIGNED
Priority: -- → P2
Target Milestone: --- → 3.10
|
|
Assignee | |
Comment 2•21 years ago
|
||
This patch fixes several bugs:
1) it passes the correct pointer (not NULL) to SECITEM_ItemsAreEqual
2) It terminates the loop when it reaches the end of the circular
doubly-linked list of cert nodes
3) It frees the cert list before returning.
4) It sets the error code if it fails to find any matching certs.
|
|
Assignee | |
Comment 3•21 years ago
|
||
Comment on attachment 140570 [details] [diff] [review]
patch v1
Julien, Please review.
Attachment #140570 -
Flags: review?(jpierre)
|
||
Comment 4•21 years ago
|
||
Comment on attachment 140570 [details] [diff] [review]
patch v1
Fix looks good.
It would be nice if we cached the certs by keyID in a hash table, rather that
looping over everything to do the lookup, but this would probably belong in
another layer (cert cache, stan?).
Attachment #140570 -
Flags: review?(jpierre) → review+
|
|
Assignee | |
Comment 5•21 years ago
|
||
/cvsroot/mozilla/security/nss/lib/certdb/stanpcertdb.c,v <-- stanpcertdb.c
new revision: 1.63; previous revision: 1.62
Thanks for the review.
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•