Closed Bug 1166129 Opened 5 years ago Closed 5 years ago

Crash at SSLServerCertVerification.cpp:1064 with certificates without extensions

Categories

(Core :: Security: PSM, defect)


Tracking


RESOLVED DUPLICATE of bug 1165911
Tracking Status
firefox39 --- affected
firefox40 --- affected
firefox41 --- affected
firefox-esr38 --- affected

People

(Reporter: glandium, Assigned: glandium)

Details

Attachments

(1 file)

Code reads:
  for (size_t i = 0; endEntityCert->extensions[i]; i++) {

extensions is NULL when the certificate doesn't have extensions and the CA that emitted the certificate is in the builtin token. I don't know if there are CAs in the default set that still emit certificates without extensions, but in Debian, we are adding the SPI CA certificate, and the certificate on mentors.debian.net doesn't have extensions, leading to a crash.
This is a dupe of Bug 1165911, but thanks for taking the time to make a patch anyways.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1165911
Attachment #8607291 - Flags: review?(dkeeler)
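The failure mode reported above, shown with the NULL guard in place. This is an added example, not the attached patch and not PSM or NSS code: `cert`, `cert_ext`, `find_extension` and the sample OID arrays are stand-in names constructed for illustration, assuming only what the report states (the extensions pointer is a NULL-terminated array that is itself NULL when the certificate carries no extensions).

```c
#include <stddef.h>
#include <string.h>

/* Stand-in types for this example only; they are not the NSS definitions. */
typedef struct {
    const unsigned char *oid;   /* encoded extension OID bytes */
    size_t oid_len;
} cert_ext;

typedef struct {
    cert_ext **extensions;      /* NULL-terminated array, or NULL when the
                                   certificate has no extensions at all */
} cert;

/* Constructed sample OIDs: 2.5.29.17 (subjectAltName), 2.5.29.19 (basicConstraints). */
static const unsigned char OID_SAN[] = { 0x55, 0x1D, 0x11 };
static const unsigned char OID_BC[]  = { 0x55, 0x1D, 0x13 };

/* Returns the extension with the given OID, or NULL when it is absent,
   including the case where the certificate has no extension list. */
const cert_ext *find_extension(const cert *c, const unsigned char *oid,
                               size_t oid_len)
{
    /* Without this check, evaluating c->extensions[0] in the loop
       condition dereferences a NULL pointer. */
    if (c == NULL || c->extensions == NULL) {
        return NULL;
    }
    for (size_t i = 0; c->extensions[i] != NULL; i++) {
        const cert_ext *e = c->extensions[i];
        if (e->oid_len == oid_len && memcmp(e->oid, oid, oid_len) == 0) {
            return e;
        }
    }
    return NULL;
}

int main(void)
{
    cert no_ext = { NULL };                       /* certificate without extensions */
    cert_ext san = { OID_SAN, sizeof OID_SAN };
    cert_ext *list[] = { &san, NULL };
    cert with_ext = { list };

    int ok = find_extension(&no_ext, OID_SAN, sizeof OID_SAN) == NULL
          && find_extension(&with_ext, OID_SAN, sizeof OID_SAN) == &san
          && find_extension(&with_ext, OID_BC, sizeof OID_BC) == NULL;
    return ok ? 0 : 1;
}
```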