Closed
Bug 1247692
Opened 8 years ago
Closed 8 years ago
out of bounds read in tls13_ExtensionAllowed
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(firefox47 affected)
RESOLVED
DUPLICATE
of bug 1247698
Tracking | Status | |
---|---|---|
firefox47 | --- | affected |
People
(Reporter: keeler, Unassigned)
Details
(Whiteboard: CID 1352110)
If tls13_ExtensionAllowed is passed an extension it doesn't know about, it will read one entry past the end of the KnownExtensions array. It's not clear if all code paths that call tls13_ExtensionAllowed prevent unknown extension types from being passed in, but it would probably be best to be defensive here.
Reporter | ||
Comment 1•8 years ago
|
||
Nevermind, Tim's on it.
Group: crypto-core-security
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•