Closed Bug 334454 Opened 19 years ago Closed 19 years ago

Variable "(key)->pkcs11Slot" tracked as NULL was passed to a function that dereferences it. [@ SECKEY_CopyPrivateKey - SSL_ConfigSecureServer]

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Version:
3.11
Platform:
All
Linux
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.11.1

People

(Reporter: timeless, Assigned: alvolkov.bgs)

References

(
URL
)

Details

(Keywords: coverity, crash, Whiteboard: CID 208)

Crash Data

Attachments

(1 file)

verify that slot is not null
795 bytes, patch
nelson
: review+
Details | Diff | Splinter Review
found by coverity
Target Milestone: --- → 3.11.1
Priority: -- → P2
Hardware: PC → All
Assignee: nobody → alexei.volkov.bugs
Status: NEW → ASSIGNED
Attachment #219769 - Flags: review?(nelson)
Comment on attachment 219769 [details] [diff] [review] verify that slot is not null r=nelson, when you make the following edits: >Index: seckey.c >=================================================================== >RCS file: /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v >retrieving revision 1.40 >diff -U10 -r1.40 seckey.c >--- seckey.c 25 Apr 2006 02:23:52 -0000 1.40 >+++ seckey.c 25 Apr 2006 17:17:54 -0000 >@@ -1493,21 +1493,21 @@ > } > return 0; > } > > SECKEYPrivateKey * > SECKEY_CopyPrivateKey(const SECKEYPrivateKey *privk) > { > SECKEYPrivateKey *copyk; > PRArenaPool *arena; > >- if (privk == NULL) { >+ if (!privk || !privk->pkcs11Slot) { Here, add + PORT_SetError(SEC_ERROR_INVALID_ARGS); > return NULL; > } > > arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); > if (arena == NULL) { > PORT_SetError (SEC_ERROR_NO_MEMORY); Check that PORT_NewArena sets that error code, and then remove that redundant PORT_SetError call. > return NULL; > }
Attachment #219769 - Flags: review?(nelson) → review+
tip: /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v <-- seckey.c new revision: 1.41; previous revision: 1.40 3.11 branch: /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v <-- seckey.c new revision: 1.36.2.5; previous revision: 1.36.2.4
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
3.11.1 branch: /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v <-- seckey.c new revision: 1.36.2.4.2.1; previous revision: 1.36.2.4
CID 208
Whiteboard: CID 208
Crash Signature: [@ SECKEY_CopyPrivateKey - SSL_ConfigSecureServer]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: