KBKDF - Consistently handle NULL slot/session
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
People
(Reporter: alexander.m.scheel, Assigned: alexander.m.scheel)
Details
Attachments
(1 file)
User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
Steps to reproduce:
Per Bug 1607955, the KBKDF code introduced in Bug 1599603 confused Coverity with a elided NULL check on sftk_SlotFromSessionHandle(...). While Coverity is incorrect (and the behavior is fine as-is), it isn't consistent with the KBKDF code's handling of sftk_SessionFromHandle(...) (which is NULL checked).
In both cases, move to a PR_ASSERT(...) and mention why the value can't reasonably be NULL in the code. This'll aid debugging (in the rare case this code is called during shutdown and sessions are actively being removed), but not incur a performance penalty on non-DEBUG builds.
Actual results:
Coverity was confused.
Expected results:
The code should be written in a way that Coverity isn't confused.
(If you'd like to close this bug in favor of attaching the patch to 1607955 and re-opening it, feel free).
|
Assignee | |
Comment 1•5 years ago
|
||
Per Bug 1607955, the KBKDF code introduced in Bug 1599603 confused
Coverity with a elided NULL check on sftk_SlotFromSessionHandle(...).
While Coverity is incorrect (and the behavior is fine as-is), it isn't
consistent with the KBKDF code's handling of sftk_SessionFromHandle(...)
(which is NULL checked).
This brings these two call sites into internal consistency.
|
||
Comment 2•5 years ago
|
||
Thank you for this.
|
||
Comment 3•5 years ago
|
||
|
||
Updated•5 years ago
|
Description
•