Closed
Bug 1168048
Opened 10 years ago
Closed 10 years ago
Avoid potential null-pointer dereferencing in nsNSSCertificateDB
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla41
| Tracking | Status | |
|---|---|---|
| firefox41 | --- | fixed |
People
(Reporter: mozbgz, Assigned: mozbgz)
References
Details
(Keywords: crash, regression)
Attachments
(1 file)
|
1.36 KB,
patch
|
keeler
:
review+
|
Details | Diff | Splinter Review |
When nsIX509Cert2 and nsIX509Cert3 were mreged into nsIX509Cert with bug 643041, two null-pointer checks got "lost", resulting in potential crashes (which is the reason for setting the severity to critical).
Triggering the issue from privileged chrome is straightforward (as both methods are scriptable), simply paste
Components.classes["@mozilla.org/security/x509certdb;1"].getService(Components.interfaces.nsIX509CertDB).deleteCertificate(null);
or
Components.classes["@mozilla.org/security/x509certdb;1"].getService(Components.interfaces.nsIX509CertDB).setCertTrust(null,0,0);
into the Web Console.
Attachment #8610010 -
Flags: review?(dkeeler)
Flags: needinfo?(dkeeler)
|
||
Comment 1•10 years ago
|
||
Comment on attachment 8610010 [details] [diff] [review]
Proposed patch
Review of attachment 8610010 [details] [diff] [review]:
-----------------------------------------------------------------
Thanks - r=me.
Attachment #8610010 -
Flags: review?(dkeeler) → review+
|
|
||
Updated•10 years ago
|
Assignee: nobody → mozbugzilla
Flags: needinfo?(dkeeler)
Ok, so before I can set the checkin-needed keyword, I guess a tryserver build is needed. Could you submit one for me?
Flags: needinfo?(dkeeler)
|
|
||
Comment 4•10 years ago
|
||
I went ahead and pushed this. I would be quite surprised if it broke anything.
Flags: needinfo?(dkeeler)
|
||
Comment 5•10 years ago
|
||
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla41
You need to log in
before you can comment on or make changes to this bug.
Description
•