pkix_List_Duplicate() consumes too much stack memory with recursion and causes a crash if used with small stacks.
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
People
(Reporter: dodo_birds, Unassigned)
Details
Attachments
(1 file)
3.07 KB,
text/plain
|
Details |
Steps to reproduce:
Call pkix_List_Duplicate() on a large list(a few thousand) from a thread with a small stack(maybe 8k or 16k).
Actual results:
pkix_List_Duplicate() will attempt to recursively copy all of the elements in the list. However, it will run out of stack memory and cause a crash.
This is causing an issue on an embedded system with limited memory. The system that is encountering the issue is currently using NSS version 3.49.1 and NSPR version 4.24.
Expected results:
pkix_List_Duplicate() should successfully copy all of the elements without running out of stack memory.
Attached is a diff that converts the function from recursive to iterative. This resolves the issue for the scenario described above.
Comment 1•2 years ago
|
||
The severity field is not set for this bug.
:beurdouche, could you have a look please?
For more information, please visit BugBot documentation.
Comment 2•1 year ago
|
||
@Dana, any opinion on what to do with this since it is in libpkix ?
![]() |
||
Comment 3•1 year ago
|
||
I'd WONTFIX this. We shouldn't spend any time on libpkix.
Comment 4•1 year ago
|
||
Agreed, Thank you !
Description
•