Closed
Bug 1340222
Opened 9 years ago
Closed 9 years ago
type change of CERTCertificate.CERTOKDomainName.name broke ABI
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: KaiE, Unassigned)
References
Details
As part of bug 1277228, with this commit:
https://hg.mozilla.org/projects/nss/rev/25bbb8bdd46086979558331d5030adeab4d4129e
the type of CERTCertificate.CERTOKDomainName.name was changed from
char name[1]; /* actual length may be longer. */
to
char *name;
That means, the attribute is no longer an inline member of CERTOKDomainName (which was dynamically allocated to have enough space), to a pointer.
That means, if any application exists that reads this attribute, it will read from the offset of the beginning of the struct. But the new type would require the code to dereference the pointer. As a result, old code reading this attribute won't get the expected result.
| Reporter | ||
Comment 1•9 years ago
|
||
I need a quick decision what to do about this bug, because I urgently need to work on an NSS 3.28.3 release, prior to the initial release of Firefox 52, and I need to decide if a fix for this one should be applied, or not.
We couldn't find code that looks inside the CERTOKDomainName struct to access the name attribute.
This data structure is used by an application, to provide input to the library, and the expected procedure to do so is to use API CERT_AddOKDomainName.
The only other place inside of NSS accessing that data is function CERT_VerifyCertName.
Given that the input is provided by applications using an API, it seems unlikely that an application requires to read the attribute.
We consider to ignore this ABI change, as it seems unlikely to cause issues.
| Reporter | ||
Comment 2•9 years ago
|
||
I'm hoping we don't need a fix for this, marking as wontfix.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•