Closed Bug 1313715 Opened 6 years ago Closed 6 years ago

Avoid unnecessary use of PR_SetError() under security/apps/ and security/certverifier

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla53

Tracking Flags:

Tracking

Status

firefox53

---

fixed

People

(Reporter: Cykesiopka, Assigned: Cykesiopka)

References

Details

(Whiteboard: [psm-assigned])

Attachments

(1 file)

Bug 1313715 - Avoid unnecessary uses of PR_SetError() under security/apps/ and security/certverifier/. 6 years ago :Cykesiopka 58 bytes, text/x-review-board-request	keeler : review+	Details

:Cykesiopka

Assignee

Description

•

6 years ago

The PR_SetError() + PR_GetError() pattern is error prone and unnecessary.

Comment hidden (mozreview-request)

The PR_SetError() + PR_GetError() pattern is error prone and unnecessary.

Also fixes Bug 1254403.

Review commit: https://reviewboard.mozilla.org/r/98084/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/98084/

Dana Keeler (she/her) (use needinfo) (:keeler for reviews)

Comment 2

•

6 years ago

mozreview-review

Comment on attachment 8817896 [details]
Bug 1313715 - Avoid unnecessary uses of PR_SetError() under security/apps/ and security/certverifier/.

https://reviewboard.mozilla.org/r/98084/#review98716

Cool - lgtm. Just the one comment.

::: security/apps/AppTrustDomain.cpp:166
(Diff revision 1)
>    }
>  
>    mTrustedRoot.reset(CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
>                                               &trustedDER, nullptr, false, true));
>    if (!mTrustedRoot) {
> -    return SECFailure;
> +    return NS_ERROR_OUT_OF_MEMORY;

We probably actually want to return mozilla::psm::GetXPCOMFromNSSError(PR_GetError()); here since this could be a more informative error (e.g. reused issuer/serial).

::: security/certverifier/NSSCertDBTrustDomain.cpp
(Diff revision 1)
>  
>  static const uint64_t ServerFailureDelaySeconds = 5 * 60;
>  
>  namespace mozilla { namespace psm {
>  
> -const char BUILTIN_ROOTS_MODULE_DEFAULT_NAME[] = "Builtin Roots Module";

Looks like this also takes care of bug 1254403.

Attachment #8817896 - Flags: review?(dkeeler) → review+

Comment hidden (mozreview-request)

Comment on attachment 8817896 [details]
Bug 1313715 - Avoid unnecessary uses of PR_SetError() under security/apps/ and security/certverifier/.

Review request updated; see interdiff: https://reviewboard.mozilla.org/r/98084/diff/1-2/

:Cykesiopka

Assignee

Comment 4

•

6 years ago

Thanks!

https://treeherder.mozilla.org/#/jobs?repo=try&revision=08d39454dc79134fc49fe91876ec58f51b256aba

Keywords: checkin-needed

Pulsebot

Comment 5

•

6 years ago

Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/676ca54f13db
Avoid unnecessary uses of PR_SetError() under security/apps/ and security/certverifier/. r=keeler

Keywords: checkin-needed

Carsten Book [:Tomcat]

Comment 6

•

6 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/676ca54f13db

Status: ASSIGNED → RESOLVED

Closed: 6 years ago

status-firefox53: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla53

:Cykesiopka

Assignee

Updated

•

6 years ago

Blocks: 1254403

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Avoid unnecessary use of PR_SetError() under security/apps/ and security/certverifier

Categories

(Core :: Security: PSM, defect, P1)

Tracking

()

People

(Reporter: Cykesiopka, Assigned: Cykesiopka)

References

Details

(Whiteboard: [psm-assigned])

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Comment 3

Comment 4

Comment 5

Comment 6

Updated