Closed
Bug 1227090
Opened 9 years ago
Closed 5 years ago
[Static Analysis][Division by zero] Function makePfromQandSeed from lib/freebl/pqg.c could lead to a division by 0
Categories
(NSS :: Libraries, defect, P3)
NSS
Libraries
Tracking
(firefox45 affected)
RESOLVED
FIXED
3.45
Tracking | Status | |
---|---|---|
firefox45 | --- | affected |
People
(Reporter: andi, Assigned: andi)
References
(Blocks 1 open bug)
Details
(Keywords: clang-analyzer, good-first-bug)
Attachments
(1 file, 4 obsolete files)
The Static Analysis tool Scan-Build added that variable outlen from makePfromQandSeed could lead to a division by 0 if HASH_ResultLen gets called with improper parameters.
Assignee | ||
Comment 1•9 years ago
|
||
Assignee | ||
Updated•9 years ago
|
Summary: [Static Analysis][Logic error] Function makePfromQandSeed from security/nss/lib/freebl/pqg.c could lead to a division by 0 → [Static Analysis][Division by zero] Function makePfromQandSeed from security/nss/lib/freebl/pqg.c could lead to a division by 0
Assignee | ||
Comment 2•9 years ago
|
||
Updated previous path in order to log the error with invalid argument function call.
Component: Security → Libraries
Product: Core → NSS
Version: Trunk → trunk
Assignee | ||
Updated•9 years ago
|
Blocks: clang-based-analysis
Keywords: clang-analyzer
Assignee | ||
Comment 3•9 years ago
|
||
Hello Robert, Could you please take a look other this patch? THX
Attachment #8690780 -
Attachment is obsolete: true
Attachment #8690782 -
Attachment is obsolete: true
Attachment #8696423 -
Flags: review?(rrelyea)
Updated•7 years ago
|
Keywords: good-first-bug
Priority: -- → P3
Summary: [Static Analysis][Division by zero] Function makePfromQandSeed from security/nss/lib/freebl/pqg.c could lead to a division by 0 → [Static Analysis][Division by zero] Function makePfromQandSeed from lib/freebl/pqg.c could lead to a division by 0
Comment 4•7 years ago
|
||
Comment on attachment 8696423 [details] [diff] [review] Bug 1227090.diff Review of attachment 8696423 [details] [diff] [review]: ----------------------------------------------------------------- ::: security/nss/lib/freebl/pqg.c @@ +1009,5 @@ > CHECK_MPI_OK( mp_init(&V_n) ); > > hashlen = HASH_ResultLen(hashtype); > outlen = hashlen*PR_BITS_PER_BYTE; > + if (outlen <= 0) This should rather be an assertion. There's no way that `makePfromQandSeed()` is passed an invalid hash type.
Attachment #8696423 -
Flags: review?(rrelyea) → review-
Assignee | ||
Comment 5•7 years ago
|
||
Attachment #8907539 -
Flags: review?(ttaubert)
Assignee | ||
Updated•7 years ago
|
Attachment #8696423 -
Attachment is obsolete: true
Comment 6•5 years ago
|
||
:andi Tim is gone, maybe ask some else to review these?
Flags: needinfo?(bpostelnicu)
QA Contact: jjones
Assignee | ||
Comment 7•5 years ago
|
||
Assignee | ||
Updated•5 years ago
|
Attachment #8907539 -
Attachment is obsolete: true
Flags: needinfo?(bpostelnicu)
Attachment #8907539 -
Flags: review?(ttaubert)
Assignee | ||
Updated•5 years ago
|
Keywords: checkin-needed
Comment 8•5 years ago
|
||
Comment 9•5 years ago
|
||
Status: NEW → RESOLVED
Closed: 5 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → 3.45
You need to log in
before you can comment on or make changes to this bug.
Description
•