Closed Bug 336128 Opened 18 years ago Closed 18 years ago

Missing out-of-memory checks in security/nss/lib/freebl/mpi/utils/*

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: vda, Unassigned)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20060320 Firefox/1.5
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20060320 Firefox/1.5

security/nss/lib/freebl/mpi/utils/fact.c:76
    buf = malloc(len);
    mp_todecimal(&a, buf);

    puts(buf);

security/nss/lib/freebl/mpi/utils/dec2hex.c:62
  buf = malloc(len);
  mp_toradix(&a, buf, 16);

  printf("%s\n", buf);

security/nss/lib/freebl/mpi/utils/prng.c:73
  seed = malloc(bbs_seed_size);
  for(ix = 0; ix < bbs_seed_size; ix++) {
    seed[ix] = rand() % UCHAR_MAX;
  }

security/nss/lib/freebl/mpi/utils/hex2dec.c:62
  buf = malloc(len);
  mp_toradix(&a, buf, 10);

  printf("%s\n", buf);

security/nss/cmd/crmf-cgi/crmfcgi.c:224
  var = malloc(sizeof(CGIVariable));
  var->name = form_output;
  var->value = &equal[1];
  varTable->variables[varTable->numVars] = var;
  varTable->numVars++;
...
  varTable->variables = malloc(sizeof(CGIVariable*)*DEFAULT_CGI_VARS);
  varTable->numVars = 0;
  varTable->numAlloc = DEFAULT_CGI_VARS;

security/nss/cmd/swfort/instinit/instinit.c:242
    file.data = malloc(size);
    file.len = size;

    file.len = PR_Read(fd,file.data,file.len);

security/nss/cmd/bltest/blapitest.c:2624
        param = malloc(100);
        len = fread(param, 1, 100, file);

security/nss/cmd/pwdecrypt/pwdecrypt.c:320
           result.data = malloc(inText->len+1);
           result.len = inText->len+1;
           rv = PK11SDR_Decrypt(inText, &result, NULL);


Reproducible: Always
Getting the hint yet ?
Assignee: nobody → nobody
Component: General → Libraries
Product: Firefox → NSS
QA Contact: general → libraries
All these bug reports about OOM errors in the NSS QA test program sources
are not terribly useful.  Expect them to be marked WONTFIX or made very low
priority.
Summary: Missing out-of-memory checks in security/nss/* → Missing out-of-memory checks in security/nss/cmd/*
Tiny little unit test programs like this don't run out of memory.
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → WONTFIX
Summary: Missing out-of-memory checks in security/nss/cmd/* → Missing out-of-memory checks in security/nss/lib/freebl/mpi/utils/*
You need to log in before you can comment on or make changes to this bug.