Closed Bug 283658 Opened 20 years ago Closed 20 years ago

PK11_DestroyContext destroys session then destroys key

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: nelson, Assigned: wtc)

Details

While investigating bug 283654, I noticed that PK11_DestroyContext first calls 

pk11_CloseSession(context->slot,context->session,context->ownSession);

then calls

PK11_FreeSymKey(context->key);

It appears to me that the first of these operations will invalidate the
session key handle for that key by destroying the session via C_CloseSession,
and the second will (er, may) then pass that invalidated handle to the PKCS11
module's C_DestroyObject function.  

We really don't want to be attempting to destroy objects that have 
already been destroyed, explicitly or implicitly (via C_CloseSession).
It's wrong, wastes time, and may destroy an object handle that has been 
reissued by the module to another thread.
The code is correct.

Keys do not have the same session as contexts for historical reasons. 
(They are created before the contexts, and they may be used by more than one
context).

If we do have some case where the context session is inherited from the key, the
contest session should not be 'owned' by the context (that would be a bug in the
code that created the context).

bob
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.