Closed
Bug 1397833
Opened 7 years ago
Closed 7 years ago
Assertion failure: false (MOZ_ASSERT_UNREACHABLE: Invalid key exchange group.) in nsNSSCallbacks.cpp:859
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla57
Tracking | Status | |
---|---|---|
firefox57 | --- | fixed |
People
(Reporter: Alex_Gaynor, Assigned: franziskus)
References
Details
Attachments
(1 file)
(Wasn't sure if this belonged in nss, PSM, or something else)
Reproducible for me 100%, STR:
- Build nightly from hg (3c96d611ebd6)
- ./mach run
- Browse to badssl.com/dashboard/
Assertion failure: false (MOZ_ASSERT_UNREACHABLE: Invalid key exchange group.), at /Users/agaynor/projects/mozilla-central/security/manager/ssl/nsNSSCallbacks.cpp:859
#01: CanFalseStartCallback(PRFileDesc*, void*, int*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x435c3f6]
#02: ssl3_CheckFalseStart[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/libnss3.dylib +0x1eba5c]
#03: ssl3_AuthCertificateComplete[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/libnss3.dylib +0x1eb687]
#04: SSL_AuthCertificateComplete[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/libnss3.dylib +0x202a7b]
#05: nsNSSSocketInfo::SetCertVerificationResult(int, mozilla::psm::SSLErrorMessageType)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x437a614]
#06: mozilla::psm::(anonymous namespace)::SSLServerCertVerificationResult::Run()[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x4347b1a]
#07: nsThread::ProcessNextEvent(bool, bool*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x137622]
#08: NS_ProcessNextEvent(nsIThread*, bool)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x13a0b0]
#09: mozilla::net::nsSocketTransportService::Run()[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x23ced4]
[Child 76845] WARNING: We've already scheduled a task for background list flush.: file /Users/agaynor/projects/mozilla-central/parser/html/nsHtml5TreeOpExecutor.cpp, line 283
#10: non-virtual thunk to mozilla::net::nsSocketTransportService::Run()[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x23dc9d]
#11: nsThread::ProcessNextEvent(bool, bool*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x137622]
#12: NS_ProcessNextEvent(nsIThread*, bool)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x13a0b0]
#13: mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x6d1642]
#14: MessageLoop::Run()[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x683743]
#15: nsThread::ThreadFunc(void*)[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/XUL +0x134a36]
#16: _pt_root[/Users/agaynor/projects/mozilla-central/obj-x86_64-apple-darwin16.7.0/dist/NightlyDebug.app/Contents/MacOS/libnss3.dylib +0x14a8ca]
#17: _pthread_body[/usr/lib/system/libsystem_pthread.dylib +0x393b]
#18: _pthread_body[/usr/lib/system/libsystem_pthread.dylib +0x3887]
Reporter | ||
Comment 1•7 years ago
|
||
Narrowed it down to dh1024.badssl.com which specifically causes the crash.
Comment 2•7 years ago
|
||
Franziskus, can you have a look?
Blocks: 1304923
Flags: needinfo?(franziskuskiefer)
Comment hidden (mozreview-request) |
Assignee | ||
Comment 4•7 years ago
|
||
Hm, I can't reproduce this but I can imagine where's it's coming from. I'll move this function into NSS soon to avoid any problems like this.
Flags: needinfo?(franziskuskiefer)
Assignee | ||
Updated•7 years ago
|
Assignee: nobody → franziskuskiefer
Comment 5•7 years ago
|
||
mozreview-review |
Comment on attachment 8905856 [details]
Bug 1397833 - don't assert on custom groups,
https://reviewboard.mozilla.org/r/177666/#review182830
lgtm with minor nits
::: commit-message-af5f4:1
(Diff revision 1)
> +Bug 1397833 - don't assert on custom groups, r?keeler
nit: maybe a bit more detail that this is specific to tls key exchange groups
::: devtools/client/locales/en-US/netmonitor.properties:775
(Diff revision 1)
> # LOCALIZATION NOTE (netmonitor.security.keaGroup.none): This is the label
> # displayed in the security tab describing the case when no group was used.
> netmonitor.security.keaGroup.none=none
>
> +# LOCALIZATION NOTE (netmonitor.security.keaGroup.custom): This is the label
> +# displayed in the security tab describing the case when no group was used.
s/no groups/a custom group/
Attachment #8905856 -
Flags: review?(dkeeler) → review+
Comment 6•7 years ago
|
||
This reproduced in bughunter and locally on Fedora 26 with:
https://football24.ua/vidbir_yevro_2019_u_21_andorra__ukrayina__06__video_goliv_i_oglyad_matchu_n404369/
Pushed by franziskuskiefer@gmail.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/f13d106fc678
don't assert on custom TLS key-exchange groups, r=keeler
Comment 8•7 years ago
|
||
bugherder |
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
You need to log in
before you can comment on or make changes to this bug.
Description
•