Closed
Bug 1244324
Opened 8 years ago
Closed 8 years ago
One-byte buffer overruns in libnssutil UTF-8 test code
Categories
(NSS :: Test, defect)
NSS
Test
Tracking
(firefox47 affected, firefox-esr4550+ fixed)
RESOLVED
FIXED
3.23
People
(Reporter: jld, Assigned: jld)
References
Details
Attachments
(1 file)
1.00 KB,
patch
|
ttaubert
:
review+
keeler
:
feedback+
|
Details | Diff | Splinter Review |
Not a security problem per se, and not even part of the build (see also bug 1244309), but utf8.c has some tests that try to concatenate a bunch of test case strings with strcat() and neglect to allocate space for the null terminators.
Assignee | ||
Comment 1•8 years ago
|
||
Attachment #8713861 -
Flags: review?(dkeeler)
Comment on attachment 8713861 [details] [diff] [review] Patch Review of attachment 8713861 [details] [diff] [review]: ----------------------------------------------------------------- LGTM, but I'm not an NSS peer.
Attachment #8713861 -
Flags: review?(dkeeler) → feedback+
Assignee | ||
Updated•8 years ago
|
Attachment #8713861 -
Flags: review?(ttaubert)
Comment 3•8 years ago
|
||
Comment on attachment 8713861 [details] [diff] [review] Patch Review of attachment 8713861 [details] [diff] [review]: ----------------------------------------------------------------- LGTM.
Attachment #8713861 -
Flags: review?(ttaubert) → review+
Updated•8 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 4•8 years ago
|
||
Not sure who does checkin-needed for NSS, but let's see what happens.
Keywords: checkin-needed
Comment 5•8 years ago
|
||
https://hg.mozilla.org/projects/nss/rev/b6bcbd62e833
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → 3.23
Comment 6•8 years ago
|
||
Tracking upstream NSS 3.21.3 security updates for the ESR-45 "50+" release.
status-firefox-esr45:
--- → affected
tracking-firefox-esr45:
--- → 50+
Comment 7•8 years ago
|
||
NSS_3_21_BRANCH https://hg.mozilla.org/projects/nss/rev/cb438f27902d
Comment 8•8 years ago
|
||
Fixed in bug 1310009
You need to log in
before you can comment on or make changes to this bug.
Description
•