Closed
Bug 233019
Opened 21 years ago
Closed 21 years ago
CERT_FindCertByKeyID crashes using NULL ptr
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.10
People
(Reporter: nelson, Assigned: nelson)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
1.48 KB,
patch
|
julien.pierre
:
review+
|
Details | Diff | Splinter Review |
CERT_FindCertByKeyID is needed to find the CA cert that issued a CRL. But the present implementation is badly broken. It uses a cert pointer that is always NULL. I have coded and tested a fix. Patch forthcoming.
Assignee | ||
Comment 1•21 years ago
|
||
Marking p2 for NSS 3.10. If desired, this patch can be put in 3.9.1
Status: NEW → ASSIGNED
Priority: -- → P2
Target Milestone: --- → 3.10
Assignee | ||
Comment 2•21 years ago
|
||
This patch fixes several bugs: 1) it passes the correct pointer (not NULL) to SECITEM_ItemsAreEqual 2) It terminates the loop when it reaches the end of the circular doubly-linked list of cert nodes 3) It frees the cert list before returning. 4) It sets the error code if it fails to find any matching certs.
Assignee | ||
Comment 3•21 years ago
|
||
Comment on attachment 140570 [details] [diff] [review] patch v1 Julien, Please review.
Attachment #140570 -
Flags: review?(jpierre)
Comment 4•21 years ago
|
||
Comment on attachment 140570 [details] [diff] [review] patch v1 Fix looks good. It would be nice if we cached the certs by keyID in a hash table, rather that looping over everything to do the lookup, but this would probably belong in another layer (cert cache, stan?).
Attachment #140570 -
Flags: review?(jpierre) → review+
Assignee | ||
Comment 5•21 years ago
|
||
/cvsroot/mozilla/security/nss/lib/certdb/stanpcertdb.c,v <-- stanpcertdb.c new revision: 1.63; previous revision: 1.62 Thanks for the review.
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•