User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4b) Gecko/20030516 Mozilla Firebird/0.6 Build Identifier: Signed e-mail, that is attached to this bug, crashes mozilla mail when I try to view it. Reproducible: Always Steps to Reproduce: Try to view the e-mail. Actual Results: Mail app crashes. On Windows, talkback doesn't come up. On Linux talkback agent comes up. Expected Results: Open the e-mail, display that it is signed. Reproduced on Mozilla mail 1.4 [Windows, Linux], Thunderbird 1.0a (20030708) [Windows].
Details about the certificate used to sign this e-mail: Generated with OpenSSL, not signed by any CA.
confirming using build 20030716 on Win2k: TB21968788W.
Keywords: crash, stackwanted
Looks like same stack as bug 113741 which is closed as fixed ? Dup ?
Keywords: stackwanted → testcase
Summary: signed e-mail crashes mozilla → signed e-mail crashes mozilla [@SECITEM_Hash]
I got the same stack as in comment 4 on Linux with a debug build 20030717: (gdb) frame 0 #0 0x43e816ca in SECITEM_Hash (key=0xd8) at secitem.c:259 259 PRUint8 *data = (PRUint8 *)item->data; (gdb) frame 1 #1 0x400c7f57 in PL_HashTableLookupConst (ht=0x871d558, key=0xd8) at plhash.c:404 404 keyHash = (*ht->keyHash)(key);
Assignee: sspitzer → wtc
Component: Security: General → Libraries
Product: MailNews → NSS
QA Contact: junruh → bishakhabanerjee
Version: Trunk → unspecified
Julien, could you take a look at this crash? Thanks.
Assignee: wtc → jpierre
Priority: -- → P2
Target Milestone: --- → 3.9
Olivier: could you attach the full stack trace from your Linux debug build? Thanks.
Looks like a dupe of 213084 ?
This is definitely a dupe of bug 213084. Julien, maybe you want to take that bug. *** This bug has been marked as a duplicate of 213084 ***
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → DUPLICATE
submittor, please also attach a copy of your cert8.db file. That is necessary to determine the exact cause of the NULL pointer. Key db is not necessary (I think)
submittor, you don't need to attach your cert DB after all. The signed message contained a self-issued certificate whose subject name was CN=jhu,CN=Trust List Signer,CN=SP-EXT2 (Note, it's HIGHLY unusual for certs to have multiple CommonNames, but that's not the problem here.) This cert's Validity period contains two dates, one of which is encoded as a UTCTime and the other is encoded as a GeneralizedTime. It is a known bug (bug 143334) that NSS does not support GeneralizedTime in certificate Validity dates. That is the cause of the NULL pointer that occurred in processing the attached message, which was undetected. As a workaround, I suggest using certs whose validity periods are much shorter, say 10 years. This should cause them to be encoded as UTCTimes, and NSS will be happy.
Comment on attachment 127944 [details] E-mail that is crashing Mozilla mail and Thinderbird. CHanging MIME type so we can look at this mail
Attachment #127944 - Attachment mime type: message/rfc822 → text/plain
Created attachment 138929 [details] cert with GeneralizedTime date after year 2050 This is the cert (extracted from the signed email above) on which mozilla stumbled.
You need to log in before you can comment on or make changes to this bug.