291542 - regression crash in certutil when request has no attributes

Status: RESOLVED FIXED

(NSS :: Tools, defect, P1)

Description

[Nelson Bolyard (seldom reads bugmail)]

A cert request that is encoded with an empty set of attributes will cause
certutil -C to crash.  I will attach a cert request that causes this.

This is a regression in 3.10.  Prior to 3.10, certutil completely ignored
the cert attributes in a request.  Now it honors them, but doesn't like 
an empty set.

The command 
  certutil -C -c local_ca -v 240 -i certreq -o agent.cert -d localca
where local_ca is the nickname of a cacert for which we have the priv key
will crash.  

Patch forthcoming.

Julien and I think that we should respin 3.10 RTM for this.
(Please send any objections to that plan to the mozilla-nssdev-ext list!)

We may also want to take fixes for a couple other bugs at this time.
Those were bugs that were not bad enough to warrant a respin on their
own, but are bad enough to warrant including the fix if we're going to 
respin for other reasons.

Comment 1

[Nelson Bolyard (seldom reads bugmail)]

marking P1 for 3.10

Comment 2

[Nelson Bolyard (seldom reads bugmail)]

Attachment: sample certreq

certreq that triggers the crash

Comment 3

[Nelson Bolyard (seldom reads bugmail)]

Attachment: patch v1

Julien, please review

Comment 4

[Neil Williams]

*** Bug 291545 has been marked as a duplicate of this bug. ***

Comment 5

[Neil Williams]

Seems to do the trick. I ran the test suite with this patch and all is green.

As an aside https://bugzilla.mozilla.org/show_bug.cgi?id=291545 (marked as a dup
of this) also noted that this version of certutil creates CSRs with an extension
request sequence even when there are none specified. I'll look into this and
open another bug if it seems to be a real bug.

Comment 6

[Nelson Bolyard (seldom reads bugmail)]

Checking in certutil.c;  new revision: 1.94; previous revision: 1.93