Closed
Bug 353763
Opened 18 years ago
Closed 18 years ago
klocwork Null ptr dereferences in pk11cert.c
Categories
(NSS :: Libraries, defect, P2)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.12
People
(Reporter: nelson, Assigned: alvolkov.bgs)
Details
(Keywords: klocwork)
Attachments
(1 file)
6.40 KB,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
All these klocwork IDs are in File nss/lib/pk11wrap/pk11cert.c Klocwork ID 88363 Function PK11_FindCertsFromNickname Pointer 'certList' returned from call to function 'CERT_NewCertList' at line 739 may be NULL and may be dereferenced by passing argument 1 to function 'CERT_AddCertToListSorted' at line 745. 741 CERTCertificate *certCert = STAN_GetCERTCertificateOrRelease(c); 742 /* c may be invalid after this, don't reference it */ 743 if (certCert) { 744 /* CERT_AddCertToListSorted adopts certCert */ 745 CERT_AddCertToListSorted(certList, certCert, 746 CERT_SortCBValidity, &now);
Reporter | ||
Comment 1•18 years ago
|
||
ID: 92197 Function: PK11_FindCertFromNickname Location: nss/lib/pk11wrap/pk11cert.c : 543 Suspicious dereference of pointer 'nickCopy' by passing argument 1 to function 'strchr' at line 543 before NULL check at line 633 (Should be a null check between lines 542 and 543) 542 nickCopy = PORT_Strdup(nickname); 543 if ((delimit = PORT_Strchr(nickCopy,':')) != NULL) { ---- ID: 92198 Function: PK11_FindCertsFromNickname Location: nss/lib/pk11wrap/pk11cert.c : 654 Suspicious dereference of pointer 'nickCopy' by passing argument 1 to function 'strchr' at line 654 before NULL check at line 678 (Should be a null check between lines 653 and 654) 653 nickCopy = PORT_Strdup(nickname); 654 if ((delimit = PORT_Strchr(nickCopy,':')) != NULL) { ---- ID: 88363 Location: nss/lib/pk11wrap/pk11cert.c : 745 Function: PK11_FindCertsFromNickname Pointer 'certList' returned from call to function 'CERT_NewCertList' at line 739 may be NULL and may be dereferenced by passing argument 1 to function 'CERT_AddCertToListSorted' at line 745. 741 CERTCertificate *certCert = STAN_GetCERTCertificateOrRelease(c); 742 /* c may be invalid after this, don't reference it */ 743 if (certCert) { 744 /* CERT_AddCertToListSorted adopts certCert */ 745 CERT_AddCertToListSorted(certList, certCert, 746 CERT_SortCBValidity, &now); ---- ID: 92199 Function: PK11_ImportCert Location: nss/lib/pk11wrap/pk11cert.c : 840 Pointer 'c' returned from call to function 'STAN_GetNSSCertificate' at line 837 may be NULL and will be dereferenced at line 840. 834 if (cert->nssCertificate) { 835 c = cert->nssCertificate; 836 } else { 837 c = STAN_GetNSSCertificate(cert); 838 } 840 if (c->object.cryptoContext) { ---- ID: 88377 Function: PK11_NumberCertsForCertSubject Location: nss/lib/pk11wrap/pk11cert.c : 1675 Pointer 'list' returned from call to function 'PK11_GetAllTokens' at line 1669 may be NULL and will be dereferenced at line 1675. 1669 PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, 1670 PR_FALSE,PR_TRUE,NULL); 1671 PK11SlotListElement *le; 1675 for (le = list->head; le; le = le->next) { ----- ID: 88391 Function: PK11_TraverseCertsForSubject Location: nss/lib/pk11wrap/pk11cert.c : 1701 Pointer 'list' returned from call to function 'PK11_GetAllTokens' at line 1696 may be NULL and will be dereferenced at line 1701. 1696 PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, 1697 PR_FALSE,PR_TRUE,NULL); 1698 PK11SlotListElement *le; 1701 for (le = list->head; le; le = le->next) { ------ ID: 88382 Function: PK11_FindBestKEAMatch Location: nss/lib/pk11wrap/pk11cert.c : 2141 Pointer 'keaList' returned from call to function 'PK11_GetAllTokens' at line 2134 may be NULL and will be dereferenced at line 2141. 2134 PK11SlotList *keaList = PK11_GetAllTokens(CKM_KEA_KEY_DERIVE, 2135 PR_FALSE,PR_TRUE,wincx); 2136 PK11SlotListElement *le; 2141 for (le = keaList->head; le; le = le->next) { ---- ID: 92200 Function: listCertsCallback Location: nss/lib/pk11wrap/pk11cert.c : 2412 Pointer 'c' returned from call to function 'STAN_GetNSSCertificate' at line 2410 may be NULL and will be dereferenced at line 2412. 2410 NSSCertificate *c = STAN_GetNSSCertificate(cert); 2411 2412 instances = nssPKIObject_GetInstances(&c->object);
Reporter | ||
Updated•18 years ago
|
Priority: -- → P2
Target Milestone: --- → 3.12
Assignee | ||
Comment 2•18 years ago
|
||
Assignee: nobody → alexei.volkov.bugs
Status: NEW → ASSIGNED
Attachment #243544 -
Flags: review?(nelson)
Reporter | ||
Comment 3•18 years ago
|
||
Comment on attachment 243544 [details] [diff] [review] fix r=nelson
Attachment #243544 -
Flags: review?(nelson) → review+
Assignee | ||
Comment 4•18 years ago
|
||
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11cert.c,v <-- pk11cert.c new revision: 1.155; previous revision: 1.154
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•