Closed Bug 1046221 Opened 10 years ago Closed 10 years ago

nsCryptoHMAC and nsCryptoHash do not properly guard against NSS shutdown

Categories

(Core :: Security: PSM, defect)

x86_64
Linux
defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla35

People

(Reporter: keeler, Assigned: keeler)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

nsCryptoHash.cpp is full of things like this:

60 NS_IMETHODIMP 
61 nsCryptoHash::Init(uint32_t algorithm)
62 {
63   nsNSSShutDownPreventionLock locker;
64 
65   HASH_HashType hashType = (HASH_HashType)algorithm;

Note that while the shutdown prevention lock has been acquired, the implementation doesn't actually check if NSS has already been shut down, which to my understanding is incorrect.
Something like this needs to be added after the lock in each publicly exposed function:

if (isAlreadyShutDown()) {
  return NS_ERROR_NOT_AVAILABLE;
}
Attached patch patchSplinter Review
Assignee: nobody → dkeeler
Status: NEW → ASSIGNED
Attachment #8485105 - Flags: review?(rlb)
Attachment #8485105 - Flags: review?(rlb) → review+
https://hg.mozilla.org/mozilla-central/rev/1c6bec021eae
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla35
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: