Closed
Bug 1018064
Opened 10 years ago
Closed 10 years ago
Replace mozilla::pkix::der::Input::MatchBytes with a variant that requires the match to be at the end of the input
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla32
People
(Reporter: briansmith, Assigned: briansmith)
Details
Attachments
(1 file)
5.81 KB,
patch
|
mmc
:
review+
|
Details | Diff | Splinter Review |
All of our uses of MatchBytes, including the future uses I'm about to add, follow the pattern: if (input.MatchBytes(x) && input.AtEnd()) { // consider it a match } else { // it's not really a match } In some places, this logic is less clear than it should be and generally this pattern is much more error prone than the use of a function that checks that the match occurs at the end of the input.
Attachment #8431407 -
Flags: review?(mmc)
Comment 1•10 years ago
|
||
Comment on attachment 8431407 [details] [diff] [review] replace-MatchBytes-with-MatchRest.patch Review of attachment 8431407 [details] [diff] [review]: ----------------------------------------------------------------- ::: security/pkix/lib/pkixder.h @@ +155,4 @@ > { > + // Normally we use EnsureLength which compares (input + len < end), but > + // here we want to be sure that there is nothing following the matched > + // bytes Cleaner to do input.AtEnd() before returning?
Attachment #8431407 -
Flags: review?(mmc) → review+
Assignee | ||
Comment 2•10 years ago
|
||
[:mmc] Monica Chew (please use needinfo) from comment #1) > Cleaner to do input.AtEnd() before returning? We can't do that, because we need to avoid changing any state of the Input object if it isn't a complete match, so we have to check that we're at the end first. Thanks for the review! https://hg.mozilla.org/integration/mozilla-inbound/rev/c470f879b8c8(In reply to
Comment 3•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/c470f879b8c8
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•