Closed
Bug 166719
Opened 23 years ago
Closed 23 years ago
crlutil -L crashes with large CRL
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
VERIFIED
FIXED
3.6
People
(Reporter: julien.pierre, Assigned: wtc)
Details
Attachments
(1 file, 1 obsolete file)
|
442 bytes,
patch
|
wtc
:
review+
|
Details | Diff | Splinter Review |
After Bob's changes were checked in, there is still a problem dealing with a 26
MB CRL object on OS/2. The CRL is successfully added to the database, but
listing it with crlutil -d . -L crashes with the following stack :
Function | Part
------------------------------+----------------
_uheap_check | cpprmi36.dll:2
_endthread | cpprmi36.dll:2
free | cpprmi36.dll:2
PR_Free | PRMEM.OBJ
PORT_Free | SECPORT
dbs_freemap | DBMSHIM.OBJ
dbs_seq | DBMSHIM.OBJ
certdb_Seq | PCERTDB.OBJ
nsslowcert_TraverseDBEntries | PCERTDB.OBJ
pk11_searchCrls | PKCS11.OBJ
pk11_searchTokenList | PKCS11.OBJ
NSC_FindObjectsInit | PKCS11.OBJ
pk11_FindObjectsByTemplate | PK11CERT.OBJ
PK11_TraverseSlot | PK11CERT.OBJ
pk11_TraverseAllSlots | PK11CERT.OBJ
PK11_LookupCrls | PK11CERT.OBJ
SEC_LookupCrls | CRL.OBJ
ListCRLNames | CRLUTIL.OBJ
ListCRL | CRLUTIL.OBJ
main | CRLUTIL.OBJ
_start | EXESTRTI
0x1C04C183 | DOSCALL1.DLL:4
The problem is in the emulation code for the file mapping function. The pointer
is not being reset to NULL after being freed.
|
Reporter | |
Comment 1•23 years ago
|
||
|
|
Reporter | |
Updated•23 years ago
|
Priority: -- → P1
Target Milestone: --- → 3.6
|
Assignee | |
Comment 2•23 years ago
|
||
Comment on attachment 97867 [details] [diff] [review]
patch to fix crash in file mapping emulation code
> dbs_len = 0;
> } else if (dbs_addr) {
> PORT_Free(dbs_addr);
>+ dbs_addr=NULL;
> }
> return;
> }
1. The indentation is wrong.
2. We should also set dbs_len to 0.
Attachment #97867 -
Flags: needs-work+
|
|
Reporter | |
Comment 3•23 years ago
|
||
Attachment #97867 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 4•23 years ago
|
||
Comment on attachment 97871 [details] [diff] [review]
updated patch
r=wtc. Please check it into the tip. Thanks.
Attachment #97871 -
Flags: review+
|
|
Reporter | |
Comment 5•23 years ago
|
||
Checking in dbmshim.c;
/cvsroot/mozilla/security/nss/lib/softoken/dbmshim.c,v <-- dbmshim.c
new revision: 1.2; previous revision: 1.1
done
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
|
||
Comment 6•23 years ago
|
||
Julian, please verify this.
Thanks
|
|
Reporter | |
Comment 7•23 years ago
|
||
This was fixed , but the code is never used at this time since we rolled back
the blob changes. This wasn't an OS/2-specific bug, BTW. Marking verified.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•