Closed Bug 1162521 Opened 10 years ago Closed 10 years ago

SSL3_SendAlert is incorrectly locked in ssl3_HandleHelloRequest

Categories

(NSS :: Libraries, defect, P1)

Product:
NSS
Component:
Libraries
Version:
3.12.5
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.19.1

People

(Reporter: davidben, Assigned: davidben)

Details

Attachments

(1 file)

norenegotiatelock.patch
523 bytes, patch
wtc
: review+
wtc
: checked-in+
Details | Diff | Splinter Review
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.45 Safari/537.36 Steps to reproduce: If renegotiation is disabled, ssl3_HandleHelloRequest sends a no_renegotiation alert. But the SSL3_SendAlert wrapped by the XmitBufLock. This is incorrect as SSL3_SendAlert internally already grabs that lock. It also internally calls ssl_GetSSL3HandshakeLock which asserts that the XmitBufLock has NOT been taken, so this code fails in debug mode. See attached patch. The patch makes it match the SSL3_SendAlert call above.
Comment on attachment 8602751 [details] [diff] [review] norenegotiatelock.patch r=wtc. Thanks for the patch. I also did a quick review of the other SSL3_SendAlert calls and didn't spot another instance of this bug. Patch checked in: https://hg.mozilla.org/projects/nss/rev/b3e011d5745b
Attachment #8602751 - Attachment is patch: true
Attachment #8602751 - Attachment mime type: text/x-patch → text/plain
Attachment #8602751 - Flags: review+
Attachment #8602751 - Flags: checked-in+
The code in question was added in NSS 3.12.5: https://hg.mozilla.org/projects/nss/rev/4c210039abab
Assignee: nobody → davidben
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
OS: Unspecified → All
Priority: -- → P1
Hardware: Unspecified → All
Resolution: --- → FIXED
Target Milestone: --- → 3.19.1
Version: trunk → 3.12.5
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: