Closed Bug 1319039 Opened 8 years ago Closed 8 years ago

Remove unnecessary checks after ssl3_SignHashes()

Tracking

(Not tracked)

Status:

RESOLVED FIXED

Milestone:

3.29

People

(Reporter: ttaubert, Assigned: ttaubert)

Details

Tim Taubert [:ttaubert] (inactive)

Assignee

Description

•

8 years ago

We have this ancient pattern at two call sites:

> rv = ssl3_SignHashes(ss, &hashes, certPrivateKey, &signed_hash);
> if (rv != SECSuccess) {
>     goto loser; /* ssl3_SignHashes has set err. */
> }
> if (signed_hash.data == NULL) {
>     PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
>     goto loser;
> }

There is no way that ssl3_SignHashes() returns SECSuccess with signed_hash.data being NULL. This could only happen if PK11_SignWithMechanism() or SGN_Digest() would return SECSuccess and leave it NULL.

We explicitly allocate .data before calling PK11_SignWithMechanism(), so in that branch it would never be null. SGN_Digest() does the same and and I can't see how it would succeed with .data being NULL.

Tim Taubert [:ttaubert] (inactive)

Assignee

Comment 1

•

8 years ago

https://nss-review.dev.mozaws.net/D90

Tim Taubert [:ttaubert] (inactive)

Assignee

Comment 2

•

8 years ago

https://hg.mozilla.org/projects/nss/rev/54f594ad2b4a

Status: ASSIGNED → RESOLVED

Closed: 8 years ago

Resolution: --- → FIXED

Target Milestone: --- → 3.29

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Remove unnecessary checks after ssl3_SignHashes()

Categories

(NSS :: Libraries, defect)

Tracking

(Not tracked)

People

(Reporter: ttaubert, Assigned: ttaubert)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Comment 2