Closed Bug 315135 Opened 15 years ago Closed 15 years ago

pk12util: problem using -w option(segmentation fault)


(NSS :: Tools, defect, P1)



(Not tracked)



(Reporter: alvolkov.bgs, Assigned: neil.williams)



(1 file)

if -w <file> is used, pk12util is still asking for password. If password is given in return to the request and file does not exist, then pk12util SEGVs.

pk12util -d /export/SC/ws/nss-3.10-intr-opr/mozilla/tests_results/security/goa1.41/ -i /export/SC/ws/nss-3.10-intr-opr/mozilla/tests_results/security/goa1.41/ -w ../pwd 
Enter Password or Pin for "NSS Certificate DB":
No password file "../pwd" exists.
Segmentation fault (core dumped)
It is correct that pk12util is asking for NSS DB password when -w option is used.
The problem is mentioned SEGV.
Could you get a stack trace from the core file?
Stack trace(linux):

#0  0x4207c1a5 in memcpy () from /lib/tls/
#1  0x0804b9d9 in P12U_GetP12FilePassword (confirmPw=0x80601c0, 
    p12FilePw=0x808a230) at pk12util.c:305
#2  0x0804bc56 in P12U_ImportPKCS12Object (
    in_file=0x80601c0 "/export/SC/ws/nss-3.10-intr-opr/mozilla/tests_results/security/goa1.4/", 
    slot=0x808a230, slotPw=0xbfffe398, p12FilePw=0xbfffe390) at pk12util.c:384
#3  0x0804ce66 in main (argc=0x7, argv=0xbfffe3f4) at pk12util.c:983
#4  0x42015574 in __libc_start_main () from /lib/tls/
Reassigning to Neil.  P1 for 3.11.  
Absent null pointer check in P12U_GetP12FilePassword
Assignee: wtchang → neil.williams
Priority: -- → P1
Target Milestone: --- → 3.11
The read password file routine already prints an error message and returns a null string when the file cannot be found. This patch aborts the operation in the caller (for any of the PK12 operations).
Attachment #202606 - Flags: review?(nelson)
Comment on attachment 202606 [details] [diff] [review]
patch to check for nonexistent pw file and abort when it occurs.

This patch does fix the crash.  It doesn't set the NSPR error code, but I see that the program pays no attention to that error code anyway.  There needs to be a separate bug filed about the lack of error handling in pk12util.
Attachment #202606 - Flags: review?(nelson) → review+
The bug about pk12util error reporting is bug 77290 .

Make that bug 72290, even.
Checking in pk12util.c;
/cvsroot/mozilla/security/nss/cmd/pk12util/pk12util.c,v  <--  pk12util.c
new revision: 1.32; previous revision: 1.31
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.