Bug 1972054: Leak in sec_pkcs12_decoder_safe_contents_notify
Status: RESOLVED FIXED (opened 7 months ago, closed 2 months ago)
Categories: NSS :: Libraries, defect, P3
Tracking: Not tracked
People: Reporter: djackson, Assigned: djackson
References: Blocks 1 open bug
Details: Whiteboard: [fuzzblocker]
Attachments: 2 files
It looks like our CI has picked up a leak in the PKCS12 Fuzzer:
Indirect leak of 2048 byte(s) in 1 object(s) allocated from:
#5 0x5632ccd32524 in SEC_ASN1DecoderStart_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:3039:36
[task 2025-06-12T11:16:45.437+00:00] #6 0x5632cc2a2c31 in sec_pkcs12_decoder_safe_contents_notify /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:496:13
[task 2025-06-12T11:16:45.437+00:00] #7 0x5632ccd3546f in sec_asn1d_notify_before /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:430:5
[task 2025-06-12T11:16:45.437+00:00] #8 0x5632ccd298d7 in sec_asn1d_next_in_group /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2049:5
[task 2025-06-12T11:16:45.437+00:00] #9 0x5632ccd298d7 in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2823:17
[task 2025-06-12T11:16:45.437+00:00] #10 0x5632cc2a1e8d in sec_pkcs12_decoder_safe_contents_callback /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:739:10
[task 2025-06-12T11:16:45.437+00:00] #11 0x5632ccd669ca in sec_pkcs7_decoder_work_data /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:172:13
[task 2025-06-12T11:16:45.437+00:00] #12 0x5632ccd66027 in sec_pkcs7_decoder_filter /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:216:5
[task 2025-06-12T11:16:45.437+00:00] #13 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.437+00:00] #14 0x5632ccd600c9 in SEC_PKCS7DecoderUpdate /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:1046:17
[task 2025-06-12T11:16:45.437+00:00] #15 0x5632cc2a2507 in sec_pkcs12_decoder_wrap_p7_update /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:771:5
[task 2025-06-12T11:16:45.437+00:00] #16 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.437+00:00] #17 0x5632cc2a1362 in sec_pkcs12_decoder_asafes_callback /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:862:10
[task 2025-06-12T11:16:45.437+00:00] #18 0x5632ccd669ca in sec_pkcs7_decoder_work_data /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:172:13
[task 2025-06-12T11:16:45.437+00:00] #19 0x5632ccd66027 in sec_pkcs7_decoder_filter /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:216:5
[task 2025-06-12T11:16:45.437+00:00] #20 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.437+00:00] #21 0x5632ccd600c9 in SEC_PKCS7DecoderUpdate /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:1046:17
[task 2025-06-12T11:16:45.437+00:00] #22 0x5632cc2a0c8c in sec_pkcs12_decode_asafes_cinfo_update /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:964:10
[task 2025-06-12T11:16:45.437+00:00] #23 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.437+00:00] #24 0x5632cc297ee7 in SEC_PKCS12DecoderUpdate /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:1297:10
[task 2025-06-12T11:16:45.437+00:00] #25 0x5632cc28cd43 in LLVMFuzzerTestOneInput /builds/worker/workspace/nss/out/Debug/../../fuzz/targets/pkcs12.cc:37:18
Indirect leak of 168 byte(s) in 1 object(s) allocated from:
#5 0x5632cc2a2c31 in sec_pkcs12_decoder_safe_contents_notify /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:496:13
[task 2025-06-12T11:16:45.439+00:00] #6 0x5632ccd3546f in sec_asn1d_notify_before /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:430:5
[task 2025-06-12T11:16:45.439+00:00] #7 0x5632ccd298d7 in sec_asn1d_next_in_group /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2049:5
[task 2025-06-12T11:16:45.439+00:00] #8 0x5632ccd298d7 in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2823:17
[task 2025-06-12T11:16:45.439+00:00] #9 0x5632cc2a1e8d in sec_pkcs12_decoder_safe_contents_callback /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:739:10
[task 2025-06-12T11:16:45.439+00:00] #10 0x5632ccd669ca in sec_pkcs7_decoder_work_data /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:172:13
[task 2025-06-12T11:16:45.439+00:00] #11 0x5632ccd66027 in sec_pkcs7_decoder_filter /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:216:5
[task 2025-06-12T11:16:45.439+00:00] #12 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.439+00:00] #13 0x5632ccd600c9 in SEC_PKCS7DecoderUpdate /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:1046:17
[task 2025-06-12T11:16:45.439+00:00] #14 0x5632cc2a2507 in sec_pkcs12_decoder_wrap_p7_update /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:771:5
[task 2025-06-12T11:16:45.439+00:00] #15 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.439+00:00] #16 0x5632cc2a1362 in sec_pkcs12_decoder_asafes_callback /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:862:10
[task 2025-06-12T11:16:45.439+00:00] #17 0x5632ccd669ca in sec_pkcs7_decoder_work_data /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:172:13
[task 2025-06-12T11:16:45.439+00:00] #18 0x5632ccd66027 in sec_pkcs7_decoder_filter /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:216:5
[task 2025-06-12T11:16:45.439+00:00] #19 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.439+00:00] #20 0x5632ccd600c9 in SEC_PKCS7DecoderUpdate /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:1046:17
[task 2025-06-12T11:16:45.439+00:00] #21 0x5632cc2a0c8c in sec_pkcs12_decode_asafes_cinfo_update /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:964:10
[task 2025-06-12T11:16:45.439+00:00] #22 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.439+00:00] #23 0x5632cc297ee7 in SEC_PKCS12DecoderUpdate /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:1297:10
[task 2025-06-12T11:16:45.439+00:00] #24 0x5632cc28cd43 in LLVMFuzzerTestOneInput /builds/worker/workspace/nss/out/Debug/../../fuzz/targets/pkcs12.cc:37:18
Indirect leak of 88 byte(s) in 1 object(s) allocated from:
#4 0x5632ccd3250f in SEC_ASN1DecoderStart_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:3035:16
[task 2025-06-12T11:16:45.440+00:00] #5 0x5632cc2a2c31 in sec_pkcs12_decoder_safe_contents_notify /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:496:13
[task 2025-06-12T11:16:45.440+00:00] #6 0x5632ccd3546f in sec_asn1d_notify_before /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:430:5
[task 2025-06-12T11:16:45.440+00:00] #7 0x5632ccd298d7 in sec_asn1d_next_in_group /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2049:5
[task 2025-06-12T11:16:45.440+00:00] #8 0x5632ccd298d7 in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2823:17
[task 2025-06-12T11:16:45.440+00:00] #9 0x5632cc2a1e8d in sec_pkcs12_decoder_safe_contents_callback /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:739:10
[task 2025-06-12T11:16:45.440+00:00] #10 0x5632ccd669ca in sec_pkcs7_decoder_work_data /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:172:13
[task 2025-06-12T11:16:45.440+00:00] #11 0x5632ccd66027 in sec_pkcs7_decoder_filter /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:216:5
[task 2025-06-12T11:16:45.440+00:00] #12 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.441+00:00] #13 0x5632ccd600c9 in SEC_PKCS7DecoderUpdate /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:1046:17
[task 2025-06-12T11:16:45.441+00:00] #14 0x5632cc2a2507 in sec_pkcs12_decoder_wrap_p7_update /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:771:5
[task 2025-06-12T11:16:45.441+00:00] #15 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.441+00:00] #16 0x5632cc2a1362 in sec_pkcs12_decoder_asafes_callback /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:862:10
[task 2025-06-12T11:16:45.441+00:00] #17 0x5632ccd669ca in sec_pkcs7_decoder_work_data /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:172:13
[task 2025-06-12T11:16:45.441+00:00] #18 0x5632ccd66027 in sec_pkcs7_decoder_filter /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:216:5
[task 2025-06-12T11:16:45.443+00:00] #19 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.443+00:00] #20 0x5632ccd600c9 in SEC_PKCS7DecoderUpdate /builds/worker/workspace/nss/out/Debug/../../lib/pkcs7/p7decode.c:1046:17
[task 2025-06-12T11:16:45.443+00:00] #21 0x5632cc2a0c8c in sec_pkcs12_decode_asafes_cinfo_update /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:964:10
[task 2025-06-12T11:16:45.443+00:00] #22 0x5632ccd2d9be in SEC_ASN1DecoderUpdate_Util /builds/worker/workspace/nss/out/Debug/../../lib/util/secasn1d.c:2952:13
[task 2025-06-12T11:16:45.443+00:00] #23 0x5632cc297ee7 in SEC_PKCS12DecoderUpdate /builds/worker/workspace/nss/out/Debug/../../lib/pkcs12/p12d.c:1297:10
[task 2025-06-12T11:16:45.443+00:00] #24 0x5632cc28cd43 in LLVMFuzzerTestOneInput /builds/worker/workspace/nss/out/Debug/../../fuzz/targets/pkcs12.cc:37:18
Updated • 6 months ago (Assignee)
Severity: N/A → S4
Updated • 3 months ago
Whiteboard: [fuzzblocker]
Updated • 3 months ago
Assignee: nobody → djackson
Comment 1 • 3 months ago
This bug prevents fuzzing from making progress; however, it has low severity. It is important for fuzz blocker bugs to be addressed in a timely manner (see here why?).
:djackson, could you consider increasing the severity?
For more information, please visit BugBot documentation.
Flags: needinfo?(djackson)
Comment 2 • 2 months ago (Assignee)
Comment 3 • 2 months ago (Assignee)
Comment 4 • 2 months ago (Assignee)
This should encompass the changes in Bug 1964722 but it doesn't include those test cases. I'd propose letting that patch land first and I'll rebase this one upon it.
Flags: needinfo?(djackson)
Pushed by djackson@mozilla.com:
https://hg.mozilla.org/projects/nss/rev/659a53718a6c
Memory leaks in pkcs12 and pkcs7 decoders. r=nss-reviewers,rrelyea.
Status: NEW → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED