Closed
Bug 1213948
Opened 9 years ago
Closed 9 years ago
[CID 1286618][CID 1168239] Using uninitialized value ticketData.type when calling SECITEM_CopyItem_Util
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(firefox44 affected)
RESOLVED
FIXED
3.21
Tracking | Status | |
---|---|---|
firefox44 | --- | affected |
People
(Reporter: franziskus, Assigned: franziskus)
References
(Blocks 1 open bug)
Details
(Keywords: coverity)
ticketData.type is not initialized when handed over to CopyItem. Initializing type in ssl3_ConsumeHandshakeVariable should help here.
Assignee | ||
Updated•9 years ago
|
Summary: [CID 1286618] Using uninitialized value ticketData.type when calling SECITEM_CopyItem_Util → [CID 1286618][CID 1168239] Using uninitialized value ticketData.type when calling SECITEM_CopyItem_Util
Assignee | ||
Comment 1•9 years ago
|
||
Patch is at https://codereview.appspot.com/273790043/ ssl3_ConsumeHandshakeVariable does not initialise the SECItem's type, which leads to undefined behaviour when copying the item later. To solve this I set the item type to siBuffer.
Flags: needinfo?(martin.thomson)
Comment 2•9 years ago
|
||
Comments on reitveld. More review needed.
Flags: needinfo?(martin.thomson) → needinfo?(ekr)
Assignee | ||
Comment 3•9 years ago
|
||
new patch at https://codereview.appspot.com/273790043/
Flags: needinfo?(martin.thomson)
Comment 4•9 years ago
|
||
https://hg.mozilla.org/projects/nss/rev/f7b8b0414cc7
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: needinfo?(martin.thomson)
Flags: needinfo?(ekr)
Resolution: --- → FIXED
Target Milestone: --- → 3.21
You need to log in
before you can comment on or make changes to this bug.
Description
•