Closed Bug 1046735 Opened 10 years ago Closed 10 years ago

In file " nss/lib/softoken/legacydb/lowcert.c" in function "nsslowcert_EmailName" a null check has been done for wrong variable.

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Version:
3.16.3
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: sachingpt999, Assigned: sachingpt999)

Details

Attachments

(1 file)

Proposed Patch.
414 bytes, patch
rrelyea
: review+
wtc
: review+
wtc
: checked-in+
Details | Diff | Splinter Review
Attached patch Proposed Patch.Splinter Review 
Error:
 The second null check for "oid" at line number 450 should have been a null check for variable "name" instead.

 
NSS 3.16.3 version code:

     oid=nsslowcert_dataStart(ava, ava_length, &oid_length, PR_FALSE, NULL);
      if (oid == NULL) { return NULL;  }
      ava_length -= (oid-ava)+oid_length;
      ava = oid+oid_length;

      name=nsslowcert_dataStart(ava, ava_length, &name_length, PR_FALSE, NULL);
      if (oid == NULL) { return NULL; }

 

Recommended code:

      oid=nsslowcert_dataStart(ava, ava_length, &oid_length, PR_FALSE,NULL);
      if (oid == NULL) { return NULL; }
      ava_length -= (oid-ava)+oid_length;
      ava = oid+oid_length;

      name=nsslowcert_dataStart(ava, ava_length, &name_length, PR_FALSE,NULL);
      if (name == NULL) { return NULL; }
Mentor: alvolkov.bgs, emaldona, gavin.sharp, julien.pierre, kaie, nelson, rrelyea, ryan.sleevi, wtc
Comment on attachment 8465399 [details] [diff] [review]
Proposed Patch.

Review of attachment 8465399 [details] [diff] [review]:
-----------------------------------------------------------------

Bob is probably the best reviewer for this patch.
Attachment #8465399 - Flags: review?(brian) → review?(rrelyea)
Attachment #8465399 - Flags: review?(rrelyea) → review+
Keywords: checkin-needed
Reminder for code check in.
Flags: needinfo?(kaie)
Comment on attachment 8465399 [details] [diff] [review]
Proposed Patch.

Review of attachment 8465399 [details] [diff] [review]:
-----------------------------------------------------------------

r=wtc. Thanks for the patch. I also checked the entire function and found
no other bug of this kind.

Patch checked in: https://hg.mozilla.org/projects/nss/rev/667b72ac012d
Attachment #8465399 - Flags: review+
Attachment #8465399 - Flags: checked-in+
Kai: please include this fix in NSS 3.17.
Assignee: nobody → s.k.gupta
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Flags: needinfo?(kaie)
Keywords: checkin-needed
OS: Linux → All
Priority: -- → P2
Hardware: x86 → All
Resolution: --- → FIXED
Target Milestone: --- → 3.17
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: