Last Comment Bug 135871 - NSS3.4 RC2 crashes when CERT_VerifyCertNow is called
: NSS3.4 RC2 crashes when CERT_VerifyCertNow is called
Status: RESOLVED FIXED
[adt2 RTM]
:
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: 3.4
: All All
: P1 normal (vote)
: 3.4.2
Assigned To: Robert Relyea
: Bishakha Banerjee
Mentors:
: 140338 (view as bug list)
Depends on:
Blocks: 145836
  Show dependency treegraph
 
Reported: 2002-04-05 18:28 PST by miodrag
Modified: 2002-06-04 20:58 PDT (History)
8 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
call CERT_NewTemp (1009 bytes, patch)
2002-04-09 16:15 PDT, Ian McGreer
rrelyea: review+
Details | Diff | Splinter Review
New patch (1.35 KB, patch)
2002-04-25 14:26 PDT, Wan-Teh Chang
bugz: review+
Details | Diff | Splinter Review
additional patch needed for 3.4 branch (613 bytes, patch)
2002-04-26 09:19 PDT, Ian McGreer
no flags Details | Diff | Splinter Review

Description miodrag 2002-04-05 18:28:01 PST
Using AS with new NSS3.4 RC2. Trying to install a new cerificate and the 
security CGI crashes in NSS. The call stack is  

  [1] nssTrustDomain_GetCertsForSubjectFromCache(td = (nil), subject = 0xecb24, 
certListOpt = 0xeeff8), line 845 in "tdcache.c"
  [2] NSSTrustDomain_FindCertificatesBySubject(td = (nil), subject = 0xecb24, 
rvOpt = (nil), maximumOpt = 0, arenaOpt = (nil)), line 675 in "trustdomain.c"
  [3] find_issuer_cert_for_identifier(c = 0xecaf0, id = 0xeb858), line 307 in 
"certificate.c"
  [4] NSSCertificate_BuildChain(c = 0xecaf0, timeOpt = 0xeb828, usage = 
0xffbef1b0, policiesOpt = (nil), rvOpt = 0xffbef1a4, rvLimit = 2U, arenaOpt = 
(nil), statusOpt = 0xffbef1a0), line 356 in "certificate.c"
  [5] CERT_FindCertIssuer(cert = 0xe8840, validTime = 1018057399953784LL, usage 
= certUsageSSLServer), line 409 in "certvfy.c"
  [6] CERT_VerifyCertChain(handle = 0xdd688, cert = 0xe8840, checkSig = 1, 
certUsage = certUsageSSLServer, t = 1018057399953784LL, wincx = (nil), log = 
(nil)), line 702 in "certvfy.c"
  [7] CERT_VerifyCert(handle = 0xdd688, cert = 0xe8840, checkSig = 1, certUsage 
= certUsageSSLServer, t = 1018057399953784LL, wincx = (nil), log = (nil)), line 
1138 in "certvfy.c"
  [8] CERT_VerifyCertNow(handle = 0xdd688, cert = 0xe8840, checkSig = 1, 
certUsage = certUsageSSLServer, wincx = (nil)), line 1179 in "certvfy.c"
  [9] printCertUsageInfo(description = 0x5417f "^I^I<SSLServer></SSLServer>\n", 
usage = certUsageSSLServer, cert = 0xe8840), line 356 in "security.c"
=>[10] printCert(cert = 0xe8840, key = (nil), detail = 0xffbef9c0, 
forcePrint_CertType = 0x546a9 "SERVER"), line 531 in "security.c"
  [11] installCertificate(tokenName = 0xbb300 "internal (software)", certname = 
(nil)), line 1177 in "security.c"
  [12] main(argc = 1, argv = 0xffbefb1c), line 2132 in "security.c"

The same behavior is both on NT and Solaris 2.8.

Bob Relyea has looked at the problem and recognized a NSS bug. He says there is 
no workaround for this and NSS needs to be fixed.
Comment 1 Wan-Teh Chang 2002-04-05 19:52:39 PST
Assigned the bug to Bob.  Target NSS 3.4.1.
Comment 2 miodrag 2002-04-08 17:27:04 PDT
The problem seems to be with the CERT_ImportCerts() call. It creates a cert 
without the nickname.
Comment 3 Robert Relyea 2002-04-08 17:32:35 PDT
Actually it creates a cert without lots of things. In this case without a
CERTDBHandle (Trust domain).
Comment 4 Ian McGreer 2002-04-09 15:54:52 PDT
Bob,

It looks to me like CERT_ImportCerts should be calling CERT_NewTempCertificate
if keepCert == PR_FALSE.  Is that correct?
Comment 5 Robert Relyea 2002-04-09 16:09:43 PDT
Yup, that's the bug. It's a pretty easy fix.
Comment 6 Ian McGreer 2002-04-09 16:15:36 PDT
Created attachment 78449 [details] [diff] [review]
call CERT_NewTemp

CERT_ImportCerts was changed from 3.3 to not call CERT_NewTempCertificate. 
When keepCerts == PR_FALSE, I believe that is the correct call.  Here is my
proposed patch (I don't have the test case).
Comment 7 Robert Relyea 2002-04-09 16:23:05 PDT
Comment on attachment 78449 [details] [diff] [review]
call CERT_NewTemp

This is precisely the patch I had in mind. Approved.
Comment 8 Ian McGreer 2002-04-09 16:53:25 PDT
checked in to tip.
Comment 9 Wan-Teh Chang 2002-04-25 14:26:52 PDT
Created attachment 81047 [details] [diff] [review]
New patch

This patch is the fix that is currently in the tip.  Bob
suggested that we check in this fix on the NSS_3_4_BRANCH.

Bob, Ian, please review this new patch.
Comment 10 Wan-Teh Chang 2002-04-25 16:24:13 PDT
Changed the QA contact to Bishakha.
Comment 11 Ian McGreer 2002-04-26 09:19:35 PDT
Created attachment 81161 [details] [diff] [review]
additional patch needed for 3.4 branch

This change is also needed on the branch.  Checked in.
Comment 12 Ian McGreer 2002-04-29 06:21:35 PDT
*** Bug 140338 has been marked as a duplicate of this bug. ***
Comment 13 Robert Relyea 2002-04-30 15:26:46 PDT
Ok, this is checked in on the tip and in NSS 3.4.2 Beta 1
Comment 14 Wan-Teh Chang 2002-05-01 14:49:37 PDT
Set target milestone to NSS 3.4.2.
Comment 15 Jaime Rodriguez, Jr. 2002-05-31 18:59:56 PDT
adt1.0.1+ (on ADT's behalf) for checkin to the 1.0 branch. Pls check this in
asap. thanks! 

Note You need to log in before you can comment on or make changes to this bug.