Closed
Bug 339908
Opened 18 years ago
Closed 18 years ago
Coverity 3 NULL ptr crashes when PK11_GetBestSlot returns NULL
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.11.2
People
(Reporter: nelson, Assigned: alvolkov.bgs)
Details
(Keywords: coverity, Whiteboard: [CID 881 882 883])
Attachments
(1 file)
|
2.81 KB,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
This bug is coverity CIDs 881, 882, and 883. The same bug exists in functions SECKEY_CreateDHPrivateKey SECKEY_CreateECPrivateKey SECKEY_CreateRSAPrivateKey All 3 functions call PK11_GetBestSlot and do not check its return value for NULL. Then they pass that slot pointer unconditionally to PK11_FreeSlot(slot), which dereferences that slot pointer.
|
Reporter | |
Updated•18 years ago
|
Priority: -- → P2
Target Milestone: --- → 3.11.2
|
Assignee | |
Comment 1•18 years ago
|
||
Check "slot" for NULL value. If it is return from function with NULL. Error code is set in PK11_GetBestSlot.
Attachment #224228 -
Flags: review?(nelson)
|
|
Reporter | |
Comment 2•18 years ago
|
||
Comment on attachment 224228 [details] [diff] [review] check "slot" for NULL value r=nelson
Attachment #224228 -
Flags: review?(nelson) → review+
|
|
Assignee | |
Comment 3•18 years ago
|
||
tip: /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v <-- seckey.c new revision: 1.43; previous revision: 1.42 3.11 branch: /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v <-- seckey.c new revision: 1.36.2.6; previous revision: 1.36.2.5
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Updated•18 years ago
|
Whiteboard: [CID 881 882 883]
|
||
Updated•18 years ago
|
Summary: 3 NULL ptr crashes when PK11_GetBestSlot returns NULL → Coverity 3 NULL ptr crashes when PK11_GetBestSlot returns NULL
You need to log in
before you can comment on or make changes to this bug.
Description
•