Closed
Bug 1257132
Opened 8 years ago
Closed 8 years ago
Dereference after null check in tls13hkdf.c
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(firefox48 affected)
RESOLVED
INVALID
Tracking | Status | |
---|---|---|
firefox48 | --- | affected |
People
(Reporter: franziskus, Assigned: franziskus)
References
(Blocks 1 open bug)
Details
(Keywords: coverity, Whiteboard: CID 1356342)
Attachments
(1 file)
1.17 KB,
patch
|
Details | Diff | Splinter Review |
No description provided.
Assignee | ||
Comment 1•8 years ago
|
||
printing handshakeHash only if not null
Attachment #8731175 -
Flags: review?(ttaubert)
Comment 2•8 years ago
|
||
Comment on attachment 8731175 [details] [diff] [review] tls13hkdf-coverity.patch Review of attachment 8731175 [details] [diff] [review]: ----------------------------------------------------------------- ::: lib/ssl/tls13hkdf.c @@ +176,5 @@ > } > PRINT_KEY(60, (NULL, "PRK", prk)); > + if (handshakeHash) { > + PRINT_BUF(60, (NULL, "Hash", handshakeHash, handshakeHashLen)); > + } Was looking at that too and wondered if it would be helpful to print that Hash is NULL?
Comment 3•8 years ago
|
||
I don't believe this is actually a null pointer dereference because PRINT_BUF handles it correctly: https://dxr.mozilla.org/mozilla-central/source/security/nss/lib/ssl/ssltrace.c#37 It also generates the right output: 6166: SSL: Hash [Len: 0]
Assignee | ||
Comment 4•8 years ago
|
||
(In reply to Eric Rescorla (:ekr) from comment #3) > I don't believe this is actually a null pointer dereference because PRINT_BUF > handles it correctly: > > https://dxr.mozilla.org/mozilla-central/source/security/nss/lib/ssl/ssltrace. > c#37 > > It also generates the right output: > 6166: SSL: Hash [Len: 0] right, as long as the len is always correct that works. Since this is only used in TRACE I think that's fine.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INVALID
Updated•8 years ago
|
Attachment #8731175 -
Flags: review?(ttaubert)
You need to log in
before you can comment on or make changes to this bug.
Description
•