Closed Bug 1397833 Opened 7 years ago Closed 7 years ago

Assertion failure: false (MOZ_ASSERT_UNREACHABLE: Invalid key exchange group.) in nsNSSCallbacks.cpp:859

Categories

(Core :: Security: PSM, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla57
Tracking Status
firefox57 --- fixed

People

(Reporter: Alex_Gaynor, Assigned: franziskus)

References

Details

Attachments

(1 file)

(Wasn't sure if this belonged in nss, PSM, or something else) Reproducible for me 100%, STR: - Build nightly from hg (3c96d611ebd6) - ./mach run - Browse to badssl.com/dashboard/ Assertion failure: false (MOZ_ASSERT_UNREACHABLE: Invalid key exchange group.), at /Users/agaynor/projects/mozilla-central/security/manager/ssl/nsNSSCallbacks.cpp:859 #01: CanFalseStartCallback(PRFileDesc*, void*, int*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x435c3f6] #02: ssl3_CheckFalseStart[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/libnss3.dylib +0x1eba5c] #03: ssl3_AuthCertificateComplete[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/libnss3.dylib +0x1eb687] #04: SSL_AuthCertificateComplete[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/libnss3.dylib +0x202a7b] #05: nsNSSSocketInfo::SetCertVerificationResult(int, mozilla::psm::SSLErrorMessageType)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x437a614] #06: mozilla::psm::(anonymous namespace)::SSLServerCertVerificationResult::Run()[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x4347b1a] #07: nsThread::ProcessNextEvent(bool, bool*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x137622] #08: NS_ProcessNextEvent(nsIThread*, bool)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x13a0b0] #09: mozilla::net::nsSocketTransportService::Run()[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x23ced4] [Child 76845] WARNING: We've already scheduled a task for background list flush.: file /Users/agaynor/projects/mozilla-central/parser/html/nsHtml5TreeOpExecutor.cpp, line 283 #10: non-virtual thunk to mozilla::net::nsSocketTransportService::Run()[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x23dc9d] #11: nsThread::ProcessNextEvent(bool, bool*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x137622] #12: NS_ProcessNextEvent(nsIThread*, bool)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x13a0b0] #13: mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x6d1642] #14: MessageLoop::Run()[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x683743] #15: nsThread::ThreadFunc(void*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x134a36] #16: _pt_root[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/libnss3.dylib +0x14a8ca] #17: _pthread_body[/usr/lib/system/libsystem_pthread.dylib +0x393b] #18: _pthread_body[/usr/lib/system/libsystem_pthread.dylib +0x3887]
Narrowed it down to dh1024.badssl.com which specifically causes the crash.
Franziskus, can you have a look?
Blocks: 1304923
Flags: needinfo?(franziskuskiefer)
Hm, I can't reproduce this but I can imagine where's it's coming from. I'll move this function into NSS soon to avoid any problems like this.
Flags: needinfo?(franziskuskiefer)
Assignee: nobody → franziskuskiefer
Comment on attachment 8905856 [details] Bug 1397833 - don't assert on custom groups, https://reviewboard.mozilla.org/r/177666/#review182830 lgtm with minor nits ::: commit-message-af5f4:1 (Diff revision 1) > +Bug 1397833 - don't assert on custom groups, r?keeler nit: maybe a bit more detail that this is specific to tls key exchange groups ::: devtools/client/locales/en-US/netmonitor.properties:775 (Diff revision 1) > # LOCALIZATION NOTE (netmonitor.security.keaGroup.none): This is the label > # displayed in the security tab describing the case when no group was used. > netmonitor.security.keaGroup.none=none > > +# LOCALIZATION NOTE (netmonitor.security.keaGroup.custom): This is the label > +# displayed in the security tab describing the case when no group was used. s/no groups/a custom group/
Attachment #8905856 - Flags: review?(dkeeler) → review+
Pushed by franziskuskiefer@gmail.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/f13d106fc678 don't assert on custom TLS key-exchange groups, r=keeler
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: