Closed Bug 325307 Opened 19 years ago Closed 19 years ago

infinite loop in SECU_FindCrlIssuer

Categories

(NSS :: Tools, defect)

Product:
NSS
Component:
Tools
Version:
3.11
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.11.1

People

(Reporter: alvolkov.bgs, Assigned: alvolkov.bgs)

Details

Attachments

(1 file, 1 obsolete file)

patch
2.61 KB, patch
julien.pierre
: review+
wtc
: review+
Details | Diff | Splinter Review 
The function will be executed indefinitely since the "node" is not switched to the
next in a list in the "while" loop body.
Alexei, thanks for finding these bugs.  
Since you've done the hard work (finding the bugs), 
please attach patches to fix them.
Assignee: wtchang → alexei.volkov.bugs
Target Milestone: --- → 3.11.1
Version: 3.11.1 → 3.11
Attached patch patch (obsolete) — Splinter Review 
change "node" to next if node's cert is not the signing cert.
also changing program flow in the loop to avoid goto.
Attachment #210407 - Flags: review?(julien.pierre.bugs)
Comment on attachment 210407 [details] [diff] [review]
patch

r=wtc.  I like the elimination of the unnecessary
goto statement.  One suggested improvement: the
nested if statements can be combined into one.
Attachment #210407 - Flags: review+
Attachment #210407 - Flags: review?(julien.pierre.bugs) → review+
Attached patch patchSplinter Review 
code got cleaned up a little more.
Attachment #210429 - Flags: review?(julien.pierre.bugs)
Attachment #210429 - Flags: review?(julien.pierre.bugs) → review+
Comment on attachment 210429 [details] [diff] [review]
patch

>+                CERT_IsUserCert(cert) == PR_TRUE) {

When testing a boolean, our preferred style is to
omit == PR_TRUE, != PR_TRUE, == PR_FALSE, and
!= PR_FALSE.
Checking in secutil.c;
/cvsroot/mozilla/security/nss/cmd/lib/secutil.c,v  <--  secutil.c
new revision: 1.71.2.1; previous revision: 1.71
done
Checking in secutil.c;
/cvsroot/mozilla/security/nss/cmd/lib/secutil.c,v  <--  secutil.c
new revision: 1.72; previous revision: 1.71
done
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Comment on attachment 210429 [details] [diff] [review]
patch

Good code cleanup.
Attachment #210429 - Attachment is obsolete: true
Attachment #210429 - Flags: review+
Attachment #210429 - Attachment is obsolete: false
Attachment #210407 - Attachment is obsolete: true
Backported rest of fix to NSS_3_11_BRANCH
Checking in lib/secutil.c;  new revision: 1.71.2.2; previous revision: 1.71.2.1
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: