Closed Bug 1244324 Opened 8 years ago Closed 8 years ago

One-byte buffer overruns in libnssutil UTF-8 test code

Tracking

(firefox47 affected, firefox-esr4550+ fixed)

Status:

RESOLVED FIXED

Milestone:

3.23

Tracking Flags:

Tracking

Status

firefox47

---

affected

firefox-esr45

50+

fixed

People

(Reporter: jld, Assigned: jld)

References

Details

Attachments

(1 file)

Patch 8 years ago Jed Davis [:jld] ⟨⏰\|UTC-7⟩ ⟦he/him⟧ 1.00 KB, patch	ttaubert : review+ keeler : feedback+	Details \| Diff \| Splinter Review

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Assignee

Description

•

8 years ago

Not a security problem per se, and not even part of the build (see also bug 1244309), but utf8.c has some tests that try to concatenate a bunch of test case strings with strcat() and neglect to allocate space for the null terminators.

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Assignee

Comment 1

•

8 years ago

Attached patch Patch — Details — Splinter Review

Attachment #8713861 - Flags: review?(dkeeler)

Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)

Comment 2

•

8 years ago

Comment on attachment 8713861 [details] [diff] [review]
Patch

Review of attachment 8713861 [details] [diff] [review]:
-----------------------------------------------------------------

LGTM, but I'm not an NSS peer.

Attachment #8713861 - Flags: review?(dkeeler) → feedback+

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Assignee

Updated

•

8 years ago

Attachment #8713861 - Flags: review?(ttaubert)

Tim Taubert [:ttaubert] (inactive)

Comment 3

•

8 years ago

Comment on attachment 8713861 [details] [diff] [review]
Patch

Review of attachment 8713861 [details] [diff] [review]:
-----------------------------------------------------------------

LGTM.

Attachment #8713861 - Flags: review?(ttaubert) → review+

Tim Taubert [:ttaubert] (inactive)

Updated

•

8 years ago

Status: NEW → ASSIGNED

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Assignee

Comment 4

•

8 years ago

Not sure who does checkin-needed for NSS, but let's see what happens.

Keywords: checkin-needed

Kai Engert (:KaiE:)

Comment 5

•

8 years ago

https://hg.mozilla.org/projects/nss/rev/b6bcbd62e833

Status: ASSIGNED → RESOLVED

Closed: 8 years ago

Keywords: checkin-needed

Resolution: --- → FIXED

Target Milestone: --- → 3.23

Daniel Veditz [:dveditz]

Comment 6

•

8 years ago

Tracking upstream NSS 3.21.3 security updates for the ESR-45 "50+" release.

status-firefox-esr45: --- → affected

tracking-firefox-esr45: --- → 50+

Kai Engert (:KaiE:)

Comment 7

•

8 years ago

NSS_3_21_BRANCH
https://hg.mozilla.org/projects/nss/rev/cb438f27902d

Kai Engert (:KaiE:)

Updated

•

8 years ago

Blocks: 1310009

Sylvestre Ledru [:Sylvestre]

Comment 8

•

8 years ago

Fixed in bug 1310009

status-firefox-esr45: affected → fixed

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

One-byte buffer overruns in libnssutil UTF-8 test code

Categories

(NSS :: Test, defect)

Tracking

(firefox47 affected, firefox-esr4550+ fixed)

People

(Reporter: jld, Assigned: jld)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Updated

Comment 3

Updated

Comment 4

Comment 5

Comment 6

Comment 7

Updated

Comment 8

Attachment

General

Description

File Name

Content Type