CRL cache crashes in some cases

RESOLVED FIXED in 3.6

Status

NSS
Libraries
P1
normal
RESOLVED FIXED
16 years ago
16 years ago

People

(Reporter: Julien Pierre, Assigned: Wan-Teh Chang)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

16 years ago
The CRL cache inserts CRLs into an issuer hash table.
The key value (DER subject of the issuer) was not being copied. This could cause
the CRL not to be found or the program to crash if the memory was freed. The
later happened to me on windows. Patch to follow.
(Reporter)

Updated

16 years ago
Priority: -- → P1
Target Milestone: --- → 3.6
Version: 3.5 → 3.6
(Reporter)

Comment 1

16 years ago
Created attachment 98655 [details] [diff] [review]
patch to copy the DER subject before inserting an issuer into the hash table
(Reporter)

Comment 2

16 years ago
Checking in certi.h;
/cvsroot/mozilla/security/nss/lib/certdb/certi.h,v  <--  certi.h
new revision: 1.5; previous revision: 1.4
done
Checking in crl.c;
/cvsroot/mozilla/security/nss/lib/certdb/crl.c,v  <--  crl.c
new revision: 1.23; previous revision: 1.22
done
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.