Closed Bug 1765767 Opened 3 years ago Closed 3 years ago

Crash in [@ nssCKFWMutex_Destroy | nssCKFWObject_Destroy | NSSCKFWC_FindObjects | pk11_FindObjectsByTemplate]

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Platform:
Unspecified
macOS
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1766978

People

(Reporter: wsmwk, Unassigned)

Details

(Keywords: crash)

Crash Data

Only showing for macOS 10.12 and 10.13, going back as far as 91.2.0. Need to determine if a version of this crash exists for newer macOS.

Crash report: https://crash-stats.mozilla.org/report/index/97850452-0a55-4e5b-954c-86da60220419

Reason: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS

Top 10 frames of crashing thread:

0 libnssckbi.dylib nssCKFWMutex_Destroy security/nss/lib/ckfw/mutex.c:135
1 libnssckbi.dylib nssCKFWObject_Destroy security/nss/lib/ckfw/object.c:276
2 libnssckbi.dylib NSSCKFWC_FindObjects security/nss/lib/ckfw/wrap.c:2576
3 libnss3.dylib pk11_FindObjectsByTemplate security/nss/lib/pk11wrap/pk11obj.c:1896
4 libnss3.dylib PK11_FindRawCertsWithSubject security/nss/lib/pk11wrap/pk11obj.c:1948
5 XUL mozilla::psm::NSSCertDBTrustDomain::FindIssuer security/certverifier/NSSCertDBTrustDomain.cpp:244
6 XUL mozilla::pkix::BuildForward security/nss/lib/mozpkix/lib/pkixbuild.cpp:365
7 XUL mozilla::pkix::PathBuildingStep::Check security/nss/lib/mozpkix/lib/pkixbuild.cpp:211
8 XUL mozilla::psm::CheckCandidates security/certverifier/NSSCertDBTrustDomain.cpp:183
9 XUL mozilla::psm::NSSCertDBTrustDomain::FindIssuer security/certverifier/NSSCertDBTrustDomain.cpp:319
status-thunderbird100: --- → affected
status-thunderbird_esr91: --- → affected
Flags: needinfo?(vseerror)

(In reply to Wayne Mery (:wsmwk) from comment #0)

Only showing for macOS 10.12 and 10.13, going back as far as 91.2.0. Need to determine if a version of this crash exists for newer macOS.

No crashes for newer macOS - https://crash-stats.mozilla.org/signature/?signature=nssCKFWMutex_Destroy%20%7C%20nssCKFWObject_Destroy%20%7C%20NSSCKFWC_FindObjects%20%7C%20pk11_FindObjectsByTemplate&date=%3E%3D2022-04-26T10%3A12%3A00.000Z&date=%3C2022-05-26T10%3A12%3A00.000Z

Is there a legitimate security issue here? And is it fiixable in our code?
If not, then wontfix?

Flags: needinfo?(vseerror) → needinfo?(kaie)

This crash is in the NSS library, not specific to Thunderbird, probably in code related to SSL/TLS connections.

Assignee: nobody → nobody
Group: mail-core-security → crypto-core-security
status-thunderbird100: affected → ---
status-thunderbird_esr91: affected → ---
Component: Security → Libraries
Flags: needinfo?(kaie)
Product: Thunderbird → NSS
Version: Thunderbird 91 → other

(In reply to Kai Engert (:KaiE:) from comment #2)

probably in code related to SSL/TLS connections.

yes, stack frame 14 is: mozilla::psm::CertVerifier::VerifySSLServerCert

This was fixed in 101 but not backported to 91. The bug itself is very old, but crashes due to it became more frequent in February after we fixed some related thread safety issues.

Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → DUPLICATE

Thanks John!

Group: crypto-core-security
You need to log in before you can comment on or make changes to this bug.