Closed Bug 235617 Opened 20 years ago Closed 20 years ago

CERT_DecodeTrustString crashes if either input arg is NULL

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: nelson, Assigned: nelson)

Details

Attachments

(1 file)

patch v1
877 bytes, patch
wtc
: review+
Details | Diff | Splinter Review 
This bug is shown by the same test program used in bug 39495.
Patch forthcoming.
Attached patch patch v1Splinter Review 
This patch detects NULL pointers and returns error SEC_ERROR_INVALID_ARGS, but
it still initializes the trust flags to zero, if it can.
Status: NEW → ASSIGNED
Priority: -- → P2
Target Milestone: --- → 3.10
Attachment #142268 - Flags: review?(wchang0222)
Comment on attachment 142268 [details] [diff] [review]
patch v1

r=wtc.

Can we test for both a null 'trust' and a null 'trusts'
at the beginning of the function, before we start to
set trust->xxxFlags to 0?  That is:

+    if (!trust || !trusts) {
+	PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	return SECFailure;
+    }
     trust->sslFlags = 0;
     trust->emailFlags = 0;
     trust->objectSigningFlags = 0;
Attachment #142268 - Flags: review?(wchang0222) → review+
Comment on attachment 142268 [details] [diff] [review]
patch v1

OK, I saw that you did that intentionally.

My previous comment showed that the new code
will be prone to mistakes by a future maintainer.
I expect that a function has no side effect if
it fails.  If that's not the case, I guess we
can document it...
I coded it this way so that the trust flags would get initialized, even
if nothing else happened.

/cvsroot/mozilla/security/nss/lib/certdb/certdb.c,v  <--  certdb.c
new revision: 1.64; previous revision: 1.63
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: