Last Comment Bug 109592 - SECU_GetModulePassword() returns wrong data in case of PW_PLAINTEXT
: SECU_GetModulePassword() returns wrong data in case of PW_PLAINTEXT
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: unspecified
: All All
-- major (vote)
: 3.2.2
Assigned To: Wan-Teh Chang
: Sonja Mirtitsch
Depends on:
  Show dependency treegraph
Reported: 2001-11-11 00:53 PST by Uriel Ginsburg
Modified: 2001-11-12 10:04 PST (History)
1 user (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---


Description User image Uriel Ginsburg 2001-11-11 00:53:14 PST
from security\nss\cmd\lib\secutil.c:
  return PL_strdup(arg);

when it actually should be:
  return PL_strdup(pwdata->data);
Comment 1 User image Wan-Teh Chang 2001-11-11 19:23:50 PST
Thanks for the bug report.

This bug is already fixed (secutil.c, rev. 1.24,
by Ian McGreer).  The fix is in NSS 3.2.2 and
NSS 3.3.1 but is not in NSS 3.3.  Therefore I am
setting the target milestone to 3.2.2.

Are you using NSS 3.2.1 or NSS 3.3?
Comment 2 User image Uriel Ginsburg 2001-11-11 23:53:04 PST
I'm using 3.3, my bad.
Comment 3 User image Wan-Teh Chang 2001-11-12 10:04:20 PST
Please upgrade to NSS 3.3.1.  See the release notes
for information on CVS tag and where to download the source tarball and
pre-compiled binary distributions.

I just added this bug to the "Bugs Fixed" section in
the NSS 3.3.1 release notes.  (We didn't open a bug
report when we fixed the bug.)

Note You need to log in before you can comment on or make changes to this bug.