Closed
Bug 1985058
Opened 10 months ago
Closed 8 months ago
NSSDatabase::~NSSDatabase(): Assertion `NSS_Shutdown() == SECSuccess' failed
Categories
(NSS :: Libraries, defect, P1)
NSS
Libraries
Tracking
(firefox-esr115 wontfix, firefox-esr140 wontfix, firefox144 wontfix, firefox145 wontfix, firefox146 fixed)
People
(Reporter: mdauer, Assigned: mdauer)
References
(Blocks 1 open bug)
Details
(Keywords: sec-audit, Whiteboard: [fuzzblocker][adv-main146+r])
Attachments
(1 file)
OSS-Fuzz: https://oss-fuzz.com/testcase-detail/5634135748313088
We hit this assertion very frequently for the PKCS7 fuzz target. It doesn't reproduce reliably unfortunately, running with valgrind also didn't reveal anything interesting for me. We should investigate further.
| Assignee | ||
Updated•9 months ago
|
Whiteboard: [fuzzblocker]
| Assignee | ||
Comment 1•8 months ago
|
||
| Assignee | ||
Comment 2•8 months ago
|
||
I looked a bit into this and from what I can tell, we just forget to destroy a certificate. We can remove the security restrictions.
Updated•8 months ago
|
Severity: -- → S3
Priority: -- → P1
Pushed by nkulatova@mozilla.com:
https://hg.mozilla.org/projects/nss/rev/a4e27f3fef2a
Destroy certificate on error paths, r=nss-reviewers,rrelyea
Status: NEW → RESOLVED
Closed: 8 months ago
Resolution: --- → FIXED
Updated•8 months ago
|
Group: crypto-core-security → core-security-release
Updated•8 months ago
|
Assignee: nobody → mdauer
status-firefox144:
--- → wontfix
status-firefox145:
--- → wontfix
status-firefox146:
--- → fixed
status-firefox-esr115:
--- → wontfix
status-firefox-esr140:
--- → wontfix
Updated•7 months ago
|
QA Whiteboard: [sec] [qa-triage-done-c147/b146]
Updated•7 months ago
|
Whiteboard: [fuzzblocker] → [fuzzblocker][adv-main146+r]
Updated•1 month ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•