Closed Bug 1210364 Opened 9 years ago Closed 9 years ago

Potential NULL deref after OOM in nssCertificateCollection_Create()

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(firefox44 affected)

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
firefox44 --- affected

People

(Reporter: ttaubert, Assigned: ttaubert)

Details

All callsites of nssCertificateCollection_Create() check whether it returns NULL, the function itself doesn't return NULL though, it expects allocations to always succeed.

> nssPKIObjectCollection *collection;
> collection = nssPKIObjectCollection_Create(td, NULL, nssPKIMonitor);
> collection->objectType = pkiObjectType_Certificate;
> collection->destroyObject = cert_destroyObject;
> collection->getUIDFromObject = cert_getUIDFromObject;
Patch at: https://codereview.appspot.com/261500043
Assignee: nobody → ttaubert
Status: NEW → ASSIGNED
Flags: needinfo?(martin.thomson)
Flags: needinfo?(ekr)
Same issue a few lines below, new patch: https://codereview.appspot.com/262630043
LGTM with comments
Flags: needinfo?(ekr)
Fixed comments.

https://hg.mozilla.org/projects/nss/rev/751dad5bfac2
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Flags: needinfo?(martin.thomson)
Resolution: --- → FIXED
Target Milestone: --- → 3.21
You need to log in before you can comment on or make changes to this bug.