Closed Bug 1303647 Opened 8 years ago Closed 8 years ago

Duplicate detection in SSL_ConfigNamedGroups is buggy

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Version:
3.27
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mt, Assigned: mt)

References

Details

Attachments

(1 file)

bug1303435-1.patch
1.98 KB, patch
Details | Diff | Splinter Review 
Because the same loop is used for finding duplicates and looking up the table, if the entry in the table is found first, then the duplicate is recorded.

Discovered this when reordering the table to put P-256 earlier.
This uses existing functions, so it should be more reliable.
Assignee: nobody → martin.thomson
Attachment #8792367 - Flags: review?(franziskuskiefer)
Hmm, I just realized that this shouldn't use ssl_NamedGroupEnabled, since that will return false when policy disallows the group.  New version needed.
closing this as fixed by bug 1303648
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Attachment #8792367 - Flags: review?(franziskuskiefer)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: