Tinderboxes are showing orange (tests failing) from around 4:00 pm on Friday, on all platforms. The particular test that is failing is in the S/MIME tests section: Verify Certs-Only by CA Attaching output log and results file next. Have already notified Nelson verbally of the problem, and he is looking at it.
From the output log: smime.sh: Sending CERTS-ONLY Message ------------------------------ cmsutil -O -r "Alice,email@example.com,firstname.lastname@example.org" \ -d ../alicedir > co.der smime.sh: Create Certs-Only Alice . PASSED cmsutil -D -i co.der -d ../bobdir cmsutil: failed to decode message. cmsutil: problem decoding: security library: invalid arguments. smime.sh: Verify Certs-Only by CA . FAILED
This bug is a regression introduced by Nelson's fix for http://bugscape.nscp.aoltw.net/show_bug.cgi?id=54256.
Priority: -- → P1
Target Milestone: --- → 3.9
This regression was caused by my recent rewrite of NSS_CMSDigestContext_StartMultiple. That change disallowed a context with zero digests in it. I will attach a patch that once again allows zero digests in the context.
Created attachment 137534 [details] [diff] [review] patch v1 - allow Digest Context to have zero digests in it
Comment on attachment 137534 [details] [diff] [review] patch v1 - allow Digest Context to have zero digests in it Julien - please reivew
Attachment #137534 - Flags: review?(jpierre)
Attachment #137534 - Flags: superreview?(wchang0222)
Comment on attachment 137534 [details] [diff] [review] patch v1 - allow Digest Context to have zero digests in it r=wtc. Note that this code depends on the (undocumented?) property of PORT_ArenaZNewArray that it returns a non-NULL pointer if the third argument (number of array elements) is zero.
Attachment #137534 - Flags: superreview?(wchang0222) → superreview+
Thanks for the reviews. /cvsroot/mozilla/security/nss/lib/smime/cmsdigest.c,v <-- cmsdigest.c new revision: 1.6; previous revision: 1.5 Yes, this code relies on the behavior of the PORT_[Arena][Z}Alloc() functions, which return a non-null pointer, even when the requested size is zero (unless an out of memory condition occurs). I believe there is much code in NSS that relies on this.
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.