Closed
Bug 140474
Opened 22 years ago
Closed 22 years ago
PK11_FindCertsFromNickname may cause an assertion failure in nssList_GetArray.
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
3.4.2
People
(Reporter: wtc, Assigned: bugz)
References
Details
(Whiteboard: [adt2 RTM])
Attachments
(1 file)
719 bytes,
patch
|
wtc
:
review+
|
Details | Diff | Splinter Review |
nssList_GetArray asserts that the maxElements argument is > 0. nssList_GetArray will malfunction if maxElements is 0. It is possible for PK11_FindCertsFromNickname to call nssList_GetArray with maxElements equal to 0, which causes the assertion to fail: if (nameList) { count = nssList_Count(nameList); foundCerts = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1); nssList_GetArray(nameList, (void **)foundCerts, count); nssList_Destroy(nameList); }
Assignee | ||
Comment 1•22 years ago
|
||
Updated•22 years ago
|
QA Contact: sonja.mirtitsch → bishakhabanerjee
Assignee | ||
Comment 2•22 years ago
|
||
patch checked in to branch, closing bug. This fix is not needed for the tip.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 3•22 years ago
|
||
Comment on attachment 81485 [details] [diff] [review] patch against 3.4 branch I think strictly speaking we also need to handle the failure of nss_ZNEWARRAY (out-of-memory error), that is, something like: foundCerts = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1); if (foundCerts) { nssList_GetArray(nameList, (void **)foundCerts, count); } but this patch is a strict improvement over the old code. r=wtc.
Attachment #81485 -
Flags: review+
Comment 5•22 years ago
|
||
adt1.0.1+ (on ADT's behalf) for checkin to the 1.0 branch. Pls check this in asap. thanks!
Whiteboard: [adt2 RTM]
Reporter | ||
Updated•22 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•