Closed Bug 158339 Opened 19 years ago Closed 19 years ago

RNG_RNGInit() failure causes bad free (bus error)

Categories

(NSS :: Libraries, defect)

3.4.2
All
Solaris
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: kirk.erickson, Assigned: wtc)

Details

Attachments

(1 file)

When the RNG_RNGInit() call in nsc_commonInitialize() fails,
goto loser: causes a bus error because paramStrings we never
init_args.  See softoken/pkcs11.c:

    rv = RNG_RNGInit();         /* initialize random number generator */
    if (rv != SECSuccess) {
        crv = CKR_DEVICE_ERROR;
        goto loser;
    }
    RNG_SystemInfoForRNG();

Stack trace of the bus error under Solaris dbx:

> 
> The only info I got from the debug version is that it is failing in
> SECMOD_LoadPKCS11Module:
> 
> 213:    if (PK11_GETTAB(mod)->C_Initialize(&secmodLockFunctions) !=
> CKR_OK) {
> 
>   [1] _free_unlocked(0x6572733d, 0xfeeb8000, 0x6572733d, 0xfeeb8000,
> 0xff3e260c, 0xff0a05e8), at 0xfee42090
>   [2] free(0x6572733d, 0x1, 0x0, 0x0, 0x0, 0x0), at 0xfee42040
>   [3] PR_Free(0x6572733d, 0xfea4dbc0, 0x0, 0x0, 0x0, 0x0), at 0xff032680
>   [4] PORT_Free(0x6572733d, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfea64878
>   [5] secmod_freeParams(0xffbee5c0, 0xfeeb8000, 0x2abea0, 0xfeeb8000,
> 0xff32dd72, 0xff00), at 0xfea263dc
>   [6] nsc_CommonInitialize(0xff3508f0, 0x0, 0x8, 0x0, 0xff32dd72,
> 0xff00), at 0xfea2eb10
>   [7] NSC_Initialize(0xff3508f0, 0x0, 0x2abea0, 0x0, 0x0, 0x0), at
> 0xfea2eba4
> =>[8] SECMOD_LoadPKCS11Module(mod = 0x2abfb8), line 213 in "pk11load.c"
>   [9] SECMOD_LoadModule(modulespec = 0x2abd50 "library= name="NSS
> Internal PKCS #11 Module" parameters="configdir='' certPrefix=''
> keyPrefix='' secmod='secmod.db'
> flags=readOnly,noCertDB,noModDB,forceOpen " NSS="Flags=internal,critical
> trustOrder=0 cipherOrder=100
> slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES]
> askpw=any timeout=30})"", parent = 0x2aba70, recurse = 1), line 303 in
> "pk11pars.c"
>   [10] SECMOD_LoadModule(modulespec = 0x2ab238 "name="NSS Internal
> Module" parameters="configdir='' certPrefix='' keyPrefix=''
> secmod='secmod.db' flags=readOnly,noCertDB,noModDB,forceOpen "
> NSS="flags=internal,moduleDB,moduleDBOnly,critical"", parent = (nil),
> recurse = 1), line 316 in "pk11pars.c"
>   [11] nss_Init(configdir = 0x29c450 "", certPrefix = 0xff32d218 "",
> keyPrefix = 0xff32d21c "", secmodName = 0xff32d220 "secmod.db", readOnly
> = 1, noCertDB = 1, noModDB = 1, forceOpen = 1, noRootInit = 1), line 444
> in "nssinit.c"
>   [12] NSS_NoDB_Init(configdir = 0x29c450 ""), line 522 in "nssinit.c"
> 

This patch also works for the 3.5 branch.  The 3.4 branch
will need a different patch.

Fix checked into the tip (3.6).  I think we don't need
to fix this bug on the 3.4 or 3.5 branch.

Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.6
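
The failure mode in this report, reduced to a stand-alone C example added here (it is not NSS code and not the patch attached to the bug): the cleanup label can be reached before the parameter struct is filled in, so the struct has to start out with NULL members for the free to be safe. The struct, the function names and the `rng_ok` flag are hypothetical stand-ins.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the parsed-parameter struct freed at loser:. */
struct params { char *configdir; char *secmod; };

static int frees_done;  /* non-NULL pointers released since last reset */

static void free_params(struct params *p)
{
    if (p->configdir) { free(p->configdir); frees_done++; }
    if (p->secmod)    { free(p->secmod);    frees_done++; }
    p->configdir = p->secmod = NULL;
}

static char *dup_str(const char *s)
{
    size_t n = strlen(s) + 1;
    char *d = malloc(n);
    if (d) memcpy(d, s, n);
    return d;
}

/* rng_ok is a constructed stand-in for the RNG_RNGInit() result. */
int common_initialize(const char *configdir, int rng_ok)
{
    /* A bare `struct params params;` would leave both members holding
     * stack garbage; an early `goto loser` then passes it to free(). */
    struct params params = { NULL, NULL };
    int rc = -1;

    if (!rng_ok)
        goto loser;                 /* fails before params is filled in */
    params.configdir = dup_str(configdir);
    params.secmod = dup_str("secmod.db");
    if (!params.configdir || !params.secmod)
        goto loser;                 /* partial allocation is also safe */
    rc = 0;
loser:
    free_params(&params);           /* members are NULL or owned here */
    return rc;
}

int frees_since_reset(void) { int n = frees_done; frees_done = 0; return n; }

int main(void)
{
    printf("rng failure: rc=%d\n", common_initialize("", 0));
    printf("success:     rc=%d\n", common_initialize("", 1));
    return 0;
}
```

In the trace above, the pointer handed to free() is 0x6572733d, which is the ASCII bytes `ers=`, consistent with leftover string data sitting where the uninitialized struct was placed.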