Closed
Bug 293687
Opened 19 years ago
Closed 14 years ago
many NSS command-line tools may crash with missing argument values
Categories
(NSS :: Tools, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.7
People
(Reporter: julien.pierre, Assigned: elio.maldonado.batiz)
References
Details
Attachments
(2 files)
24.48 KB,
patch
|
Details | Diff | Splinter Review | |
271 bytes,
application/x-sh
|
Details |
The following tools may crash when passed command-line options without values. Their code needs to be tested and reviewed. This is because the PL_GetNextOpt function does not check for argument values . SSLsample addbuiltin atob bltest btoa certcgi certutil cgi checkcert cipher cmdlib crlutil crmf-cgi crmftest dbck dbdump dbtest derdump digest doc fipstest ilock include keyutil lib modutil nssutil ocspclnt oidcalc p7content p7env p7sign p7verify pk11util pk12util pkiutil pp preenc pwdecrypt regress replacer reporter revoker rsaperf samples sdrtest selfserv shlibsign signtool signver smimetools sslstrength ssltap strsclnt swfort symkeyutil tests tstclnt ttformat vfychain vfyserv zlib
Reporter | ||
Comment 1•19 years ago
|
||
Woops. I was a bit too quick when pasting this list. The following tools should not be in this list : certutil, addbuiltin, blapitest, pk12util, symkeyutil, dbck - see bug 292390 signver - see bug 293686
Updated•19 years ago
|
QA Contact: bishakhabanerjee → jason.m.reid
Reporter | ||
Updated•19 years ago
|
Summary: many NSS tools may crash with missing argument values → many NSS command-line tools may crash with missing argument values
Reporter | ||
Comment 2•19 years ago
|
||
We should consider not using PL_GetNextOpt in any tool that doesn't check optstate->value . There should be an alternative function that checks for the argument value presence, and the tools should be changed to use it. Raising priority.
Priority: -- → P1
Target Milestone: --- → 3.11
Reporter | ||
Comment 3•19 years ago
|
||
This doesn't need to be P1, since this type of crash is not exploitable.
Priority: P1 → P2
Reporter | ||
Comment 5•19 years ago
|
||
*** Bug 316758 has been marked as a duplicate of this bug. ***
Updated•18 years ago
|
QA Contact: jason.m.reid → tools
Updated•18 years ago
|
Target Milestone: 3.11 → 3.11.1
Updated•18 years ago
|
Target Milestone: 3.11.1 → 3.11.2
Reporter | ||
Comment 6•18 years ago
|
||
Retargetting all P2s to 3.11.3 .
Target Milestone: 3.11.2 → 3.11.3
Comment 7•18 years ago
|
||
Change to parser of cmd line argument will happen in 3.12. Retargeting this bug to 3.12.
Target Milestone: 3.11.3 → 3.12
Updated•17 years ago
|
Assignee: alexei.volkov.bugs → biswatosh2001
Updated•17 years ago
|
Status: NEW → ASSIGNED
Comment 8•17 years ago
|
||
Julien, 1)Certain commands(e.g client) don't crash upon not giving any argument value. The reason is, client needs a hostname as the last argument and if we run "$client -n myhost", it takes myhost as nickname and doesnot find the hostname agrument and returns error. Similarly, many other commands may not crash. But certain commands do crash, such as "$crlutil -L -n" as there is no such "saver" argument, which can help avoid a crash. 2)Even if a command is not crashing for such interesting reasons, I think it is wrong and we should solve it. One way is, for each such command which uses PL_GetNextOpt(), check for any missing argument value. Another way is, don't use PL_GetnextOpt() but use SECU_ParseCommandLine() instead, just as certutil and a few other cmds are doing. And the third option is to write a function similar to PL_GetNextOpt(), but which checks for argument values. In comment#2, was that your idea?
Comment 9•15 years ago
|
||
Unsetting target milestone in unresolved bugs whose targets have passed.
Target Milestone: 3.12 → ---
Updated•15 years ago
|
Assignee: biswatosh2001 → nobody
Assignee | ||
Updated•14 years ago
|
Assignee: nobody → emaldona
Assignee | ||
Updated•14 years ago
|
Target Milestone: --- → 3.12.7
Assignee | ||
Comment 10•14 years ago
|
||
The lack of validation for missing required arguments to command line options by the tools has been independently brought to my attention by Red Hat Quality Engineering folks as well. It's about time we addressed this so I'm taking this bug.
Assignee | ||
Comment 11•14 years ago
|
||
This patch ensures that when a command line option requires an argument the value isn't NULL before trying a string duplicate on the value. Upon failure the tools print which option requires and argument followed by the general usage message and exit. This patch still keeps the tools use of PL_GetOpt for now. Switching to SECU_ParseCommand seems preferable and if you wish I am willing to pursue that approach.
Assignee | ||
Comment 12•14 years ago
|
||
s/PL_GetOpt/PL_GetNextOpt and s/SECU_ParseCommand/SECU_ParseCommandLine in the comments above.
Assignee | ||
Comment 13•14 years ago
|
||
Because of other commitments I don't currently have the time to do the preferred fix style, change the tools to use SECU_ParseCommandLine, I am going to request a review of this patch as it is. We can always enter a separate bug for the more elaborate fix at a later time.
Assignee | ||
Updated•14 years ago
|
Attachment #430880 -
Flags: review?(rrelyea)
Comment 14•14 years ago
|
||
Elio, In light of the recent resolution of Bug 547677, it's possible that with the new version of NSPR (which contains the fix for that bug), THIS NSS bug will no longer be reproducible. It might be a good use of your time to test that theory quickly with a build of NSS and NSPR from the tip of the trunk.
Comment 15•14 years ago
|
||
Comment on attachment 430880 [details] [diff] [review] Add option argument validation to various tools I'm cancelling unless the NSPR fix can be shown to be incorrrect. The only potential surviving elements of this patch is the addition of const for the Usage argument. bob
Attachment #430880 -
Flags: review?(rrelyea)
Assignee | ||
Comment 16•14 years ago
|
||
This was submitted with the original bug report. I used it to verify the fix.
Assignee | ||
Comment 17•14 years ago
|
||
(In reply to comment #14) I can verify that the NSPR fix is sufficient and this patch is not needed.
Assignee | ||
Updated•14 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•