Status

NSS
Libraries
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: ttaubert, Assigned: ttaubert)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Assignee)

Description

2 years ago
*** CID 1394278:  Null pointer dereferences  (FORWARD_NULL)
/gtests/ssl_gtest/databuffer.h: 140 in nss_test::DataBuffer::Splice(const unsigned char *, unsigned long, unsigned long, unsigned long)()
134         // The head of the old.
135         if (old_value) {
136           Write(0, old_value, std::min(old_len, index));
137         }
138         // Maybe a gap.
139         if (index > old_len) {
>>>     CID 1394278:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "old_value + index" to "memset", which dereferences it.
140           memset(old_value + index, 0, index - old_len);
141         }
142         // The new.
143         Write(index, ins, ins_len);
144         // The tail of the old.
145         if (tail_len > 0) {

*** CID 1394277:  Control flow issues  (DEADCODE)
/lib/ssl/tls13exthandle.c: 538 in tls13_ClientSendPreSharedKeyXtn()
532     
533             PRINT_BUF(50, (ss, "Sending PreSharedKey value",
534                            session_ticket->ticket.data,
535                            session_ticket->ticket.len));
536             xtnData->sentSessionTicketInClientHello = PR_TRUE;
537             if (rv != SECSuccess)
>>>     CID 1394277:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "goto loser;".
538                 goto loser;
539     
540             xtnData->advertised[xtnData->numAdvertised++] =
541                 ssl_tls13_pre_shared_key_xtn;
542         }
543         return extension_length;

*** CID 1394276:  Control flow issues  (DEADCODE)
/lib/ssl/tls13con.c: 1995 in tls13_HandleServerHelloPart2()
1989                 ss->ssl3.hs.kea_def_mutable.authKeyType = ssl_auth_psk;
1990     
1991                 cacheOK = PR_TRUE;
1992             } while (0);
1993     
1994             if (!cacheOK) {
>>>     CID 1394276:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "SSL_AtomicIncrementLong(&ss...".
1995                 SSL_AtomicIncrementLong(&ssl3stats->hsh_sid_cache_not_ok);
1996                 ss->sec.uncache(sid);
1997                 return SECFailure;
1998             }
1999     
2000             tls13_RestoreCipherInfo(ss, sid);
Duplicate of this bug: 1317119
Blocks: 1305970
(Assignee)

Comment 4

2 years ago
https://hg.mozilla.org/projects/nss/rev/460a0a1e009f
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.29
You need to log in before you can comment on or make changes to this bug.