Closed
Bug 164373
Opened 22 years ago
Closed 22 years ago
Softoken crashes looking up large CRL
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.6
People
(Reporter: julien.pierre, Assigned: rrelyea)
References
Details
Attachments
(1 file, 1 obsolete file)
733 bytes,
patch
|
wtc
:
review+
|
Details | Diff | Splinter Review |
This is happening on the NSS 3.6 tip when doing a cert verification. The lookup of the CRL causes a crash. I believe the regression occurred in the past 2 or 3 days. It might be a result of the memory leak fix. On Solaris I could only reproduce it in the debug build. On OS/2 it happens on the debug build too, and is reproducible evrey time. Here is the stack. I thought I had a bug in my CRL cache code that caused the crash in my optimized build last night - but it appears to be something else in softoken instead. Function | Part -----------------------------------+----------------- strlen | cpprmi36.dll:2 pk11_FindTokenAttribute | PKCS11U.OBJ pk11_FindAttribute | PKCS11U.OBJ NSC_GetAttributeValue | PKCS11.OBJ nssCKObject_GetAttributes | CKHELPER.OBJ nssCryptokiCRL_GetAttributes | CKHELPER.OBJ nssCRL_Create | CERTIFICATE.OBJ crl_createObject | PKIBASE.OBJ nssPKIObjectCollection_GetObjects | PKIBASE.OBJ nssPKIObjectCollection_GetCRLs | PKIBASE.OBJ nssTrustDomain_FindCRLsBySubject | TRUSTDOMAIN.OBJ PK11_FindCrlByName | PK11CERT.OBJ SEC_FindCrlByKeyOnSlot | CRL.OBJ SEC_FindCrlByName | CRL.OBJ SEC_CheckCRL | CERTVFY.OBJ cert_VerifyCertChain | CERTVFY.OBJ CERT_VerifyCertificate | CERTVFY.OBJ ValidateCert | CERTUTIL.OBJ main | CERTUTIL.OBJ _start | EXESTRTI 0x1C04C183 | DOSCALL1.DLL:4
Reporter | ||
Updated•22 years ago
|
Priority: -- → P1
Target Milestone: --- → 3.6
Reporter | ||
Comment 2•22 years ago
|
||
I have confirmed that this is due to the recent code changes - doing a "cvs update -D 08/20/2002" in the softoken directory fixes the problem (although it also restores the memory leak).
Assignee | ||
Comment 3•22 years ago
|
||
The new patch moved retreiving the URL from a specific call to retrieve it to pulling it out of the stored data entry structure. The can happen in any case where you store the CRL without a URL. If you have a URL, then in the causes where the previous code succeeded, fetching the URL would fail.
Comment 4•22 years ago
|
||
Comment on attachment 96685 [details] [diff] [review] Check crl->url, not a random uninitialzed variable . Bob, With this patch, 'url' becomes an unused variable and should be removed.
Attachment #96685 -
Flags: needs-work+
Assignee | ||
Comment 5•22 years ago
|
||
Yes, A better warning should have been 'this variable is uninitialized' before the patch;). bob
Assignee | ||
Comment 6•22 years ago
|
||
Attachment #96685 -
Attachment is obsolete: true
Comment 7•22 years ago
|
||
Comment on attachment 96728 [details] [diff] [review] Same patch with WTC's comments r=wtc.
Attachment #96728 -
Flags: review+
Reporter | ||
Comment 8•22 years ago
|
||
Thanks, Bob. This latest patch resolved the problem.
Assignee | ||
Comment 9•22 years ago
|
||
patch fixed the problem
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•