Closed
Bug 333389
Opened 19 years ago
Closed 19 years ago
sftk_NewAttribute should not crash when so is NULL [@ sftk_NewAttribute]
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
RESOLVED
FIXED
3.11.1
People
(Reporter: timeless, Assigned: alvolkov.bgs)
References
()
Details
(Keywords: coverity, crash, Whiteboard: CID 228)
Crash Data
Attachments
(1 file)
|
966 bytes,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
Code that uses PORT_Assert expects to die. if it doesn't, it'll crash later.
Unfortunately, PR_ASSERT is only fatal in some builds. If you want to be always fatal, you're supposed to use PR_Assert directly.
See http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/softoken/pkcs11u.c&rev=1.70&mark=64,67-69,83#58
for a case where coverity complained
|
||
Comment 1•19 years ago
|
||
PORT_Assert is only fatal in DEBUG builds, by design.
I think the essence of this bug report is that, in non-DEBUG builds,
sftk_NewAttribute() crashes when so is NULL, rather failing gracefully.
Is that assessment of this bug correct?
yes. i kinda presumed that the fault was in PORT_Assert not doing as the code expected. but if PORT_Assert really wants the behavior it has, then i'll gladly morph this bug to what coverity originally implicated instead of what i divined:
if sftk_narrowToSessionObject returns null we crash.
Keywords: crash
Summary: PORT_Assert isn't always fatal → [@ sftk_NewAttribute]
|
|
||
Comment 3•19 years ago
|
||
Is this crash actually being seen, at all?
If not, this is P3 at most.
Priority: -- → P3
Summary: [@ sftk_NewAttribute] → sftk_NewAttribute should not crash when so is NULL [@ sftk_NewAttribute]
Version: unspecified → 3.11
if i have steps or talkback bits, i'd include them. the bugs i'm filing w/ coverity keywords are direct from scan.coverity.com w/ their analysis replaced by my hand written bonsai links.
i really don't care when you fix bugs. but in general the coverity bugs i file are simple, and i am semi actively recruiting newbies to work on such bugs, so don't be surprised if someone else posts a patch before you do (especially the longer you take to get to the bug).
|
|
||
Updated•19 years ago
|
Target Milestone: --- → 3.11.1
|
Assignee | |
Comment 5•19 years ago
|
||
Assignee: nobody → alexei.volkov.bugs
Status: NEW → ASSIGNED
Attachment #219802 -
Flags: review?(rrelyea)
|
|
||
Comment 6•19 years ago
|
||
Comment on attachment 219802 [details] [diff] [review]
return null if SFTKSessionObject is NULL
r=nelson
Attachment #219802 -
Flags: review?(rrelyea) → review+
|
|
Assignee | |
Comment 7•19 years ago
|
||
tip:
/cvsroot/mozilla/security/nss/lib/softoken/pkcs11u.c,v <-- pkcs11u.c
new revision: 1.72; previous revision: 1.71
3.11 branch:
/cvsroot/mozilla/security/nss/lib/softoken/pkcs11u.c,v <-- pkcs11u.c
new revision: 1.69.2.3; previous revision: 1.69.2.2
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
|
|
||
Comment 8•19 years ago
|
||
Please also check this in on the NSS_3_11_1_BRANCH
|
|
Assignee | |
Comment 9•19 years ago
|
||
3.11.1:
/cvsroot/mozilla/security/nss/lib/softoken/pkcs11u.c,v <-- pkcs11u.c
new revision: 1.69.2.2.2.1; previous revision: 1.69.2.2
|
||
Updated•14 years ago
|
Crash Signature: [@ sftk_NewAttribute]
You need to log in
before you can comment on or make changes to this bug.
Description
•