Open Bug 1529003 Opened 6 years ago Updated 2 years ago

NSS S/MIME code apparently not threadsafe

Categories

(NSS :: Libraries, enhancement, P3)

enhancement

Tracking

(Not tracked)

People

(Reporter: KaiE, Unassigned)

References

Details

(Whiteboard: [cms][smime][thunderbird])

The top crasher in Thunderbird is a memory corruption in NSS. We crash while destroying a certificate object.

Apparently whenever we crash. we have more than one background thread active that performs S/MIME signature verification.

As an experiment, we serialized the background use of S/MIME verification with a global mutex. Since that change, we no longer see that crash.

I conclude this means that the NSS S/MIME code isn't threadsafe.

(I understand that NSS claims that it's threadsafe, and from past experience, other code related to TLS and cryptography in NSS indeed appears to be safe.)

Priority: -- → P3
Whiteboard: [cms][smime][thunderbird]
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.