Closed Bug 291542 Opened 16 years ago Closed 16 years ago
regression crash in certutil when request has no attributes
A cert request that is encoded with an empty set of attributes will cause certutil -C to crash. I will attach a cert request that causes this. This is a regression in 3.10. Prior to 3.10, certutil completely ignored the cert attributes in a request. Now it honors them, but doesn't like an empty set. The command certutil -C -c local_ca -v 240 -i certreq -o agent.cert -d localca where local_ca is the nickname of a cacert for which we have the priv key will crash. Patch forthcoming. Julien and I think that we should respin 3.10 RTM for this. (Please send any objections to that plan to the mozilla-nssdev-ext list!) We may also want to take fixes for a couple other bugs at this time. Those were bugs that were not bad enough to warrant a respin on their own, but are bad enough to warrant including the fix if we're going to respin for other reasons.
marking P1 for 3.10
Priority: -- → P1
Target Milestone: --- → 3.10
certreq that triggers the crash
Julien, please review
Attachment #181590 - Flags: review?(julien.pierre.bugs)
Attachment #181590 - Flags: review?(julien.pierre.bugs) → review+
*** Bug 291545 has been marked as a duplicate of this bug. ***
Seems to do the trick. I ran the test suite with this patch and all is green. As an aside https://bugzilla.mozilla.org/show_bug.cgi?id=291545 (marked as a dup of this) also noted that this version of certutil creates CSRs with an extension request sequence even when there are none specified. I'll look into this and open another bug if it seems to be a real bug.
Checking in certutil.c; new revision: 1.94; previous revision: 1.93
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.