Closed
Bug 1630925
Opened 3 years ago
Closed 3 years ago
Missing null check in NSS_CMSSignedData_GetSignerInfo for sigd->signerInfos
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.52
People
(Reporter: freddy, Assigned: jcj)
Details
Attachments
(1 file)
This e-mail was sent to our dev-security mailing list, with a patch attached:
Hi , dev-security@lists.mozilla.org
I found a bug in function NSS_CMSSignedData_GetSignerInfo, sigd->signerInfos not judged !NULL before use. It cause core dump.
NSSCMSSignerInfo *
NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i)
{
if (!sigd) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return NULL;
}
return sigd->signerInfos[i];
}Signed-off-by: zhujianwei7 <zhujianwei7@huawei.com>
diff -uNr nss/lib/smime/cmssigdata.c nss.fix/lib/smime/cmssigdata.c --- nss/lib/smime/cmssigdata.c 2018-12-01 06:41:31.000000000 +0800 +++ nss.fix/lib/smime/cmssigdata.c 2020-04-08 08:20:28.931050077 +0800 @@ -476,7 +476,7 @@ NSSCMSSignerInfo * NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i) { - if (!sigd) { + if (!sigd || !sigd->signerInfos) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return NULL; }
|
Assignee | |
Comment 1•3 years ago
|
||
Emailed reporter to ask how they'd like to be attributed, if they would.
Assignee: nobody → jjones
Status: NEW → ASSIGNED
Priority: -- → P1
Version: other → 3.53
|
|
Assignee | |
Comment 2•3 years ago
|
||
|
||
Updated•3 years ago
|
Attachment #9144787 -
Attachment description: Bug 1630925 - Guard all instances of NSSCMSSignedData.signerInfos r?kjacobs → Bug 1630925 - Guard all instances of NSSCMSSignedData.signerInfos r=kjacobs
|
|
Assignee | |
Comment 3•3 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.52
You need to log in
before you can comment on or make changes to this bug.
Description
•