sslsample may crash when provided an invalid client cert

RESOLVED WONTFIX

Status

NSS
Tools
P5
normal
RESOLVED WONTFIX
14 years ago
12 years ago

People

(Reporter: liupeng, Assigned: Nelson Bolyard (seldom reads bugmail))

Details

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.0.3705)
Build Identifier: NSS3.9 sslsample

In sslsample server.c, function setupSSLSocket, line 260, as follows:
    secStatus = SSL_BadCertHook(sslSocket,
                             (SSLBadCertHandler)myBadCertHandler, &certErr);
And in sslsample.c, function myBadCertHandler, line 179, as follows:
    *(PRErrorCode *)arg = err = PORT_GetError();
I guess when an invalid client cert is provided, it will call
myBadCertHandler and set the error to arg.
But unfortunately, the arg certErr is declared in function
setupSSLSocket; when this function exits, the memory space allocated for certErr
is taken back by the OS. And when myBadCertHandler is called, it will use an
invalid address to set the error code.


Reproducible: Sometimes
Steps to Reproduce:
1.
2.
3.
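
Added example, not part of the bug report and not code from the NSS tree: the callback-argument lifetime problem described above, next to a form where the error slot lives in per-connection storage that outlives the setup function. The types and functions (fake_socket, conn_ctx, setup_dangling, setup_safe, simulate_handshake) are hypothetical stand-ins for the SSL socket and hook registration, and the error value is constructed.

```c
/* Added illustration with stand-in types; not the NSS API or sslsample source. */
#include <stdio.h>
#include <stdlib.h>

typedef int (*bad_cert_hook)(void *arg, int err);   /* hypothetical hook type */
struct fake_socket { bad_cert_hook hook; void *hook_arg; };  /* stand-in socket */
struct conn_ctx { int cert_err; };                  /* per-connection state */

/* Same shape as the handler quoted in the report: stores the error through arg. */
static int record_cert_error(void *arg, int err) {
    *(int *)arg = err;
    return -1;                       /* reject the certificate */
}

/* Pattern from the report: arg points into this function's stack frame, which
 * no longer exists when the handshake later invokes the hook. */
static void setup_dangling(struct fake_socket *s) {
    int certErr = 0;
    s->hook = record_cert_error;
    s->hook_arg = &certErr;          /* dangles as soon as we return */
}

/* Lifetime-safe form: arg points into heap storage owned by the connection,
 * released only after the socket is closed. */
static struct conn_ctx *setup_safe(struct fake_socket *s) {
    struct conn_ctx *ctx = calloc(1, sizeof *ctx);
    if (ctx == NULL) return NULL;
    s->hook = record_cert_error;
    s->hook_arg = &ctx->cert_err;
    return ctx;
}

/* Stands in for the handshake, which runs after setup has returned. */
static int simulate_handshake(struct fake_socket *s, int err) {
    return s->hook ? s->hook(s->hook_arg, err) : 0;
}

int main(void) {
    (void)setup_dangling;            /* shown for contrast only; never invoked */
    struct fake_socket s = {0};
    struct conn_ctx *ctx = setup_safe(&s);
    if (ctx == NULL) return 1;
    int rc = simulate_handshake(&s, -8181);   /* constructed error value */
    printf("hook rc=%d recorded=%d\n", rc, ctx->cert_err);
    free(ctx);
    return 0;
}
```

Building the dangling variant with AddressSanitizer and stack-use-after-return detection enabled is one way to confirm this class of bug in a test run.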

Updated

14 years ago
Assignee: wchang0222 → nelson
Status: UNCONFIRMED → NEW
Ever confirmed: true
(Assignee)

Updated

13 years ago
QA Contact: bishakhabanerjee → jason.m.reid
(Assignee)

Updated

12 years ago
QA Contact: jason.m.reid → tools
(Assignee)

Comment 1

12 years ago
I have filed bug 359302, which requests that the non-exemplary sslsample 
source code be expunged from the NSS source tree.  
Blocks: 359302
Status: NEW → RESOLVED
Last Resolved: 12 years ago
Priority: -- → P5
Resolution: --- → WONTFIX
Target Milestone: --- → 3.12
Version: unspecified → 3.9