Crash with cert->nickname == 0
Categories
(NSS :: Libraries, defect)
Tracking
(firefox-esr91 wontfix, firefox-esr102104+ fixed, firefox102 wontfix, firefox103 wontfix, firefox104 fixed)
People
(Reporter: KaiE, Assigned: KaiE)
References
Details
(Keywords: crash)
Attachments
(1 file)
Using Thunderbird 102 (NSS 3.79), I'm crashing with the following stack:
#0 __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:65
#1 0x00007ffff77f1553 in PORT_ArenaStrdup_Util (arena=arena@entry=0x7fffdc396470, str=0x0)
at /home/user/moz/comm-esr102/mozilla/security/nss/lib/util/secport.c:636
#2 0x00007ffff777348f in CERT_GetCertNicknameWithValidity
(arena=arena@entry=0x7fffdc396470, cert=0x7fffc7809020, expiredString=expiredString@entry=0x7fffffff2dd4 " ", notYetGoodString=notYetGoodString@entry=0x7fffffff2d7c " ") at /home/user/moz/comm-esr102/mozilla/security/nss/lib/certhigh/certvfy.c:1914
#3 0x00007ffff7773623 in CERT_NicknameStringsFromCertList
(certList=0x7fffc780d820, expiredString=0x0, notYetGoodString=0x7fffffff2d7c " ")
at /home/user/moz/comm-esr102/mozilla/security/nss/lib/certhigh/certvfy.c:2023
#4 0x00007ffff3196938 in getNSSCertNicknamesFromCertList(std::unique_ptr<CERTCertListStr, mozilla::UniqueCERTCertListDeletePolicy> const&) (certList=std::unique_ptr<CERTCertListStr> = {...})
at /home/user/moz/comm-esr102/mozilla/comm/mailnews/extensions/smime/nsCertPicker.cpp:65
#5 0x00007ffff3197660 in nsCertPicker::PickByUsage(nsIInterfaceRequestor*, char16_t const*, int, bool, bool, nsTSubstring<char16_t> const&, bool*, nsIX509Cert**) (this=<optimized out>, ctx=
0x7fffc0a52970, selectedNickname=0x7fffce198200 u"CAcert WoT User [15:08:F9]", certUsage=<optimized out>, allowInvalid=<optimized out>, allowDuplicateNicknames=<optimized out>, emailAddress=..., canceled=0x7fffffff34c8, _retval=0x7fffffff34e0)
at /home/user/moz/comm-esr102/mozilla/comm/mailnews/extensions/smime/nsCertPicker.cpp:332
cert->nickname is null
This was a valid personal certificate crom cacert. I had configured thunderbird in the past to use this for s/mime.
When trying to change the S/MIME certificate configuration, it crashes while attempting to create the UI display of available certificates.
I'm surprised that a nickname can be null. I thought it was guaranteed to be non-null in the past.
Assignee | ||
Comment 1•2 years ago
|
||
Assignee | ||
Comment 2•2 years ago
|
||
Bob, is it acceptable, or unexpected, that a cert structure contains a null nickname pointer?
Comment 3•2 years ago
|
||
The personal cert should have had a nickname, but the code should be robust against not having one, so your patch is good (I have one nit about what you should default the name to which I've indicated in my approval of the patch.
bob
Updated•2 years ago
|
Assignee | ||
Comment 4•2 years ago
|
||
Bob, please see my response and change in phabricator. Is this acceptable?
Comment 5•2 years ago
|
||
I've updated the phabricator comment. I think you are good to go.
Comment 6•2 years ago
|
||
The severity field is not set for this bug.
:beurdouche, could you have a look please?
For more information, please visit auto_nag documentation.
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Comment 8•2 years ago
|
||
Updated•2 years ago
|
Assignee | ||
Comment 9•2 years ago
|
||
RyanVM, FYI, we see crash reports on esr91, too.
Updated•2 years ago
|
Updated•2 years ago
|
Comment 10•2 years ago
•
|
||
https://hg.mozilla.org/projects/nss/rev/3b4cd48043dd2ad2d3fd4c9fbd4ef780ba6d1c4c (NSS_3_79_1_BRANCH)
Comment 11•2 years ago
•
|
||
Note that this change was forgotten from NSS 3.79.1 and was added to the NSS_3_79_1_BRANCH post-release.
However the commit was applied manually to Fx 102.2 to avoid making another NSS release on the fly
https://hg.mozilla.org/mozilla-unified/rev/3876d5327f44c991c9034c4112f33f147ab10ab9
Description
•