Closed
Bug 339915
Opened 18 years ago
Closed 18 years ago
Coverity 874, NULL cert ptr crash in NSS_CMSRecipientInfo_WrapBulkKey
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.11.3
People
(Reporter: nelson, Assigned: nelson)
Details
(Keywords: coverity, Whiteboard: [CID 874])
Attachments
(1 file)
|
2.80 KB,
patch
|
rrelyea
:
review+
|
Details | Diff | Splinter Review |
Coverity CID 874.
In NSS_CMSRecipientInfo_WrapBulkKey, if cert is NULL and certalgtag
is any of these 3 values:
SEC_OID_MISSI_KEA_DSS_OLD:
SEC_OID_MISSI_KEA_DSS:
SEC_OID_MISSI_KEA:
then we call NSS_CMSUtil_EncryptSymKey_MISSI will that null cert ptr
and that function derereferences it.
I think this should never happen, but I see no code that ensures
that it won't.
We could fix this by removing the MISSI cases from this switch,
or by adding code to detect a null cert ptr. Bob, what do you suggest?
|
Assignee | |
Updated•18 years ago
|
Priority: -- → P2
Target Milestone: --- → 3.11.2
|
|
Assignee | |
Comment 1•18 years ago
|
||
Bob, if you think this is the wrong approach, please write another patch
that takes the right one.
|
||
Updated•18 years ago
|
Whiteboard: [CID 874]
|
||
Comment 2•18 years ago
|
||
Comment on attachment 224831 [details] [diff] [review]
Remove all MISSI cases from this source file
r+
MISSI code will fail at some point because it requires FORTEZZA, but it is possible to have an old fortezza encrypted message in your mail, so it's possible that you may hit this code.
bob
Attachment #224831 -
Flags: review?(rrelyea) → review+
|
|
Assignee | |
Comment 4•18 years ago
|
||
Remove FORTEZZA code from this file. Coverity CID 874. r=rrelyea.
Checking in cmsrecinfo.c; new revision: 1.19; previous revision: 1.18
Checking in cmsrecinfo.c; new revision: 1.16.2.2; previous revision: 1.16.2.1
Resolved / Fixed
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•