Closed
Bug 1283164
Opened 10 years ago
Closed 10 years ago
[Coverity 1362937+1362936] Fix some TLS 1.3 issues reported by Coverity
Categories
(mozilla.org :: Security Assurance: Applications, task)
mozilla.org
Security Assurance: Applications
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: ttaubert, Assigned: ttaubert)
References
(Blocks 1 open bug)
Details
*** CID 1362937: Null pointer dereferences (FORWARD_NULL)
/lib/ssl/tls13hkdf.c: 75 in tls13_HkdfExtract()
69 } else {
70 /* Per documentation for CKM_NSS_HKDF_*:
71 *
72 * If the optional salt is given, it is used;
otherwise, the salt is
73 * set to a sequence of zeros equal in length to the
HMAC output.
74 */
>>> CID 1362937: Null pointer dereferences (FORWARD_NULL)
>>> Assigning: "params.pSalt" = "NULL".
75 params.pSalt = NULL;
76 params.ulSaltLen = 0UL;
77 }
78 paramsi.data = (unsigned char *)¶ms;
79 paramsi.len = sizeof(params);
80
*** CID 1362936: Control flow issues (DEADCODE)
/external_tests/ssl_gtest/libssl_internals.c: 188 in
sslint_DamageTrafficSecret()
182 }
183 if (!slot) {
184 return PR_FALSE;
185 }
186 keyPtr = (PK11SymKey **)((char *)&ss->ssl3.hs + offset);
187 if (!keyPtr)
>>> CID 1362936: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "return 0;".
188 return PR_FALSE;
189 PK11_FreeSymKey(*keyPtr);
190 *keyPtr = PK11_ImportSymKey(slot,
191 CKM_NSS_HKDF_SHA256, PK11_OriginUnwrap,
192 CKA_DERIVE, &key_item, NULL);
193 PK11_FreeSlot(slot);
| Assignee | ||
Updated•10 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•