Open
Bug 711476
Opened 13 years ago
Updated 6 months ago
Potential NULL pointer dereference in security/nss/cmd/checkcert/checkcert.c
Categories
(NSS :: Tools, defect, P5)
Tracking
(Not tracked)
NEW
People
(Reporter: julia.lawall, Unassigned)
Details
User Agent: Mozilla/5.0 (Ubuntu; X11; Linux i686; rv:8.0) Gecko/20100101 Firefox/8.0 Build ID: 20111115183158 Steps to reproduce: The tool Coccinelle (http://coccinelle.lip6.fr) found the following code in the file security/nss/cmd/checkcert/checkcert.c in the function OurVerifyData. The second argument of SECU_PrintAsHex in the else branch is dereferenced by SECU_PrintAsHex, which will cause a NULL pointer dereference. if ( oiddata ) { printf("PROBLEM: (cont) Digest OID is %s\n", oiddata->desc); } else { SECU_PrintAsHex(stdout, &oiddata->oid, "PROBLEM: UNKNOWN OID", 0); }
Updated•13 years ago
|
Component: General → Security
Product: Firefox → Core
QA Contact: general → toolkit
Updated•10 years ago
|
Assignee: nobody → nobody
Status: UNCONFIRMED → NEW
Component: Security → Tools
Ever confirmed: true
Product: Core → NSS
Version: 8 Branch → trunk
Updated•2 years ago
|
Severity: normal → S3
Updated•6 months ago
|
Severity: S3 → S4
Priority: -- → P5
You need to log in
before you can comment on or make changes to this bug.
Description
•