Closed
Bug 178898
Opened 22 years ago
Closed 20 years ago
ASN.1 decoder used without arena in lib/crmf
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.10
People
(Reporter: rrelyea, Assigned: nelson)
References
(Blocks 2 open bugs)
Details
Attachments
(1 file)
7.41 KB,
patch
|
rrelyea
:
review+
|
Details | Diff | Splinter Review |
The use of SEC_ASN1Decode and SECASN1DecodeItem should be examined in lib/crmf to see if we can use the quick decoder instead. Note: be very careful to get these right. all.sh has little or no coverage of the crmf functionality.
Updated•22 years ago
|
Priority: -- → P1
Target Milestone: --- → 3.8
Updated•21 years ago
|
Summary: Quck decoder changes in lib/crmf → Quick decoder changes in lib/crmf
Updated•21 years ago
|
Target Milestone: 3.8 → 3.9
Updated•20 years ago
|
Target Milestone: 3.9 → 3.10
Comment 3•20 years ago
|
||
I reviewed the two calls to SEC_ASN1DecodeItem in crmf. Both are without arenas, and it would be intrusive to add them for QuickDER, so I'm going to close this bug.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 4•20 years ago
|
||
Julien, do we know that these calls never leak memory? Perhaps this bug should be reopenened and morph into a bug about plugging leaks in the CRMF lib's use of the decoders ?
Comment 5•20 years ago
|
||
No, we don't know that. They could leak memory if invalid data is fed, or if the freeing code for CRMF is incomplete. In this regard, it would make sense to convert the code to arenas . If you want to do this, feel free to reopen and take the bug, since you have been working on the CRMF code lately.
Assignee | ||
Comment 6•20 years ago
|
||
As Julien reported above, the CRMF lib uses the ASN.1 decoder without an arenapool which potentially leaks memory. Since I'm working on the CRMF lib, I will take this and fix it.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Summary: Quick decoder changes in lib/crmf → ASN.1 decoder issues in lib/crmf
Assignee | ||
Comment 7•20 years ago
|
||
taking (wish I doulc do this in less than 3 steps).
Assignee: julien.pierre.bugs → MisterSSL
Status: REOPENED → NEW
Assignee | ||
Updated•20 years ago
|
Status: NEW → ASSIGNED
Priority: P3 → P2
Assignee | ||
Updated•20 years ago
|
Summary: ASN.1 decoder issues in lib/crmf → ASN.1 decoder used without arena in lib/crmf
Assignee | ||
Updated•20 years ago
|
Status: ASSIGNED → NEW
Assignee | ||
Updated•20 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 8•20 years ago
|
||
This patch does 2 things: a) ensures that we always have a non-null pool pointer when calling the ASN1 Decoder, and b) rewrites crmf_get_public_value to ensure that it always detects allocation failures, and returns NULL when they occur. Julien, do you thin the changes to crmf_decode_params were unnecessary?
Assignee | ||
Comment 9•20 years ago
|
||
Comment on attachment 151996 [details] [diff] [review] patch v1 Bob, please review
Attachment #151996 -
Flags: review?(rrelyea0264)
Assignee | ||
Updated•20 years ago
|
Whiteboard: awaiting review
Reporter | ||
Comment 10•20 years ago
|
||
Comment on attachment 151996 [details] [diff] [review] patch v1 Looks fine, though I would like the first change in asn1cmn.c changed as follows: 1) move the test for poolp not NULL to the begining of the case (just before the line "inCertOrEncCert->cert.encrytpedCert = ..." (prefered). or remove the new test altogether. Rationale: if we are going to test the validity of the poolp, we should do so before we first use it;). I'll leave it to Julian to answer the question on crmf_decode_params. If the changes are necessare the given changes look correct to me. bob
Attachment #151996 -
Flags: review?(rrelyea0264) → review+
Assignee | ||
Comment 11•20 years ago
|
||
/cvsroot/mozilla/security/nss/lib/crmf/asn1cmn.c,v <-- asn1cmn.c new revision: 1.9; previous revision: 1.8 /cvsroot/mozilla/security/nss/lib/crmf/challcli.c,v <-- challcli.c new revision: 1.5; previous revision: 1.4 /cvsroot/mozilla/security/nss/lib/crmf/crmfcont.c,v <-- crmfcont.c new revision: 1.7; previous revision: 1.6 /cvsroot/mozilla/security/nss/lib/crmf/crmfdec.c,v <-- crmfdec.c new revision: 1.4; previous revision: 1.3 /cvsroot/mozilla/security/nss/lib/crmf/crmfi.h,v <-- crmfi.h new revision: 1.3; previous revision: 1.2 tested with crmftest -d /tmp/client -p TestUser -s TestCA crmf dsa decode cmmf
Status: ASSIGNED → RESOLVED
Closed: 20 years ago → 20 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•20 years ago
|
Whiteboard: awaiting review
Comment 12•20 years ago
|
||
Nelson, Sorry I'm late to the party here ... But I had this comment about the patch : I find your use of SECITEM_ArenaDupItem(NULL, ...) a little confusing . If you aren't going to use an arena, you may as well call SECITEM_DupItem(...) instead, which will be the same thing, but more readable. On the other hand, since part of these interfaces are static, perhaps it's worth changing more of the code and not return a SECITEM allocated from the global heap. Maybe the next time this code gets looked at.
You need to log in
before you can comment on or make changes to this bug.
Description
•