signed e-mail crashes mozilla [@SECITEM_Hash]

RESOLVED DUPLICATE of bug 213084

Status

NSS
Libraries
P2
critical
RESOLVED DUPLICATE of bug 213084
15 years ago
15 years ago

People

(Reporter: Pavol Vaskovic, Assigned: Julien Pierre)

Tracking

({crash, testcase})

unspecified
crash, testcase

Firefox Tracking Flags

(Not tracked)

Details

(crash signature)

Attachments

(3 attachments)

(Reporter)

Description

15 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4b) Gecko/20030516 Mozilla Firebird/0.6
Build Identifier: 

Signed e-mail, that is attached to this bug, crashes mozilla mail when I try to
view it. 

Reproducible: Always

Steps to Reproduce:
Try to view the e-mail.
Actual Results:  
Mail app crashes. On Windows, talkback doesn't come up. On Linux talkback agent
comes up.

Expected Results:  
Open the e-mail, display that it is signed.

Reproduced on Mozilla mail 1.4 [Windows, Linux], Thunderbird 1.0a (20030708)
[Windows].
(Reporter)

Comment 1

15 years ago
Created attachment 127944 [details]
E-mail that is crashing Mozilla mail and Thinderbird.
(Reporter)

Comment 2

15 years ago
Details about the certificate used to sign this e-mail:
Generated with OpenSSL, not signed by any CA.

Comment 3

15 years ago
confirming using build 20030716 on Win2k: TB21968788W.
Keywords: crash, stackwanted
Whiteboard: TB21968788W.

Comment 4

15 years ago
Created attachment 127961 [details]
Stack trace from crashing mozilla

Comment 5

15 years ago
Looks like same stack as bug 113741 which is closed as fixed ? 
Dup ?

Updated

15 years ago
Keywords: stackwanted → testcase
Summary: signed e-mail crashes mozilla → signed e-mail crashes mozilla [@SECITEM_Hash]
Whiteboard: TB21968788W.

Comment 6

15 years ago
I got the same stack as in comment 4 on Linux with a debug build 20030717:

(gdb) frame 0
#0  0x43e816ca in SECITEM_Hash (key=0xd8) at secitem.c:259
259         PRUint8 *data = (PRUint8 *)item->data;
(gdb) frame 1
#1  0x400c7f57 in PL_HashTableLookupConst (ht=0x871d558, key=0xd8)
    at plhash.c:404
404         keyHash = (*ht->keyHash)(key);
Assignee: sspitzer → wtc
Component: Security: General → Libraries
Product: MailNews → NSS
QA Contact: junruh → bishakhabanerjee
Version: Trunk → unspecified

Comment 7

15 years ago
Julien, could you take a look at this crash?  Thanks.
Assignee: wtc → jpierre
Priority: -- → P2
Target Milestone: --- → 3.9

Comment 8

15 years ago
Olivier: could you attach the full stack trace from
your Linux debug build?  Thanks.
Looks like a dupe of 213084 ?
This is definitely a dupe of bug 213084.  Julien, maybe you want to take that bug.

*** This bug has been marked as a duplicate of 213084 ***
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → DUPLICATE
submittor, please also attach a copy of your cert8.db file.
That is necessary to determine the exact cause of the NULL pointer.  
Key db is not necessary (I think)
submittor, you don't need to attach your cert DB after all.

The signed message contained a self-issued certificate whose subject name was
CN=jhu,CN=Trust List Signer,CN=SP-EXT2
(Note, it's HIGHLY unusual for certs to have multiple CommonNames, but that's
not the problem here.)

This cert's Validity period contains two dates, one of which is encoded as
a UTCTime and the other is encoded as a GeneralizedTime.

It is a known bug (bug 143334) that NSS does not support GeneralizedTime in
certificate Validity dates.  That is the cause of the NULL pointer that 
occurred in processing the attached message, which was undetected.  As a
workaround, I suggest using certs whose validity periods are much shorter,
say 10 years.  This should cause them to be encoded as UTCTimes, and NSS
will be happy.
Comment on attachment 127944 [details]
E-mail that is crashing Mozilla mail and Thinderbird.

CHanging MIME type so we can look at this mail
Attachment #127944 - Attachment mime type: message/rfc822 → text/plain
Created attachment 138929 [details]
cert with GeneralizedTime date after year 2050

This is the cert (extracted from the signed email above) on which mozilla
stumbled.
Crash Signature: [@SECITEM_Hash]
You need to log in before you can comment on or make changes to this bug.