Closed
Bug 353374
Opened 18 years ago
Closed 18 years ago
Klocwork 76494 - Null ptr derefs in CERT_FormatName
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12
People
(Reporter: nelson, Assigned: alvolkov.bgs)
Details
(Keywords: klocwork)
Attachments
(1 file)
|
6.76 KB,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
In file nss/lib/certhigh/certhtml.c, in function CERT_FormatName,
there are 8 calls to CERT_DecodeAVAValue, each of which returns a pointer.
Immediately following each call, that pointer is derefenced without first
being checked for NULL. The function can and does occasionally return NULL.
Klockwork IDs 76494, 76496, 76498, 46500, 76502, 76504, 76506, 76508.
|
Assignee | |
Comment 1•18 years ago
|
||
Assignee: nobody → alexei.volkov.bugs
Status: NEW → ASSIGNED
Attachment #240386 -
Flags: review?(nelson)
|
Reporter | |
Comment 2•18 years ago
|
||
Comment on attachment 240386 [details] [diff] [review]
check a pointer for NULL before deref it.
r=nelson for trunk
Attachment #240386 -
Flags: review?(nelson) → review+
|
|
Assignee | |
Comment 3•18 years ago
|
||
/cvsroot/mozilla/security/nss/lib/certdb/secname.c,v <-- secname.c
new revision: 1.20; previous revision: 1.19
/cvsroot/mozilla/security/nss/lib/certhigh/certhtml.c,v <-- certhtml.c
new revision: 1.7; previous revision: 1.6
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Updated•18 years ago
|
Priority: -- → P2
You need to log in
before you can comment on or make changes to this bug.
Description
•