Klocwork 76541 free uninitialized pointer in CERT_FindCertURLExtension

RESOLVED FIXED in 3.12

Status

NSS
Libraries
P2
normal
RESOLVED FIXED
11 years ago
11 years ago

People

(Reporter: Nelson Bolyard (seldom reads bugmail), Assigned: Alexei Volkov)

Tracking

({klocwork})

3.11
3.12
klocwork

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

In file nss/lib/certdb/certv3.c function CERT_FindCertURLExtension,
at label "done", baseitem.data and urlitem.data are freed if non-NULL.
Neither is initialized if PORT_NewArena returns NULL at line 118.

Klocwork items 76541 and 76542
Keywords: klocwork
(Assignee)

Comment 1

11 years ago
Created attachment 240389 [details] [diff] [review]
init baseitem and urlitem before allocating arena
Assignee: nobody → alexei.volkov.bugs
Status: NEW → ASSIGNED
Attachment #240389 - Flags: review?(nelson)
(Reporter)

Comment 2

11 years ago
Comment on attachment 240389 [details] [diff] [review]
init baseitem and urlitem before allocating arena

r=nelson for trunk
Attachment #240389 - Flags: review?(nelson) → review+
(Assignee)

Comment 3

11 years ago
/cvsroot/mozilla/security/nss/lib/certdb/certv3.c,v  <--  certv3.c
new revision: 1.9; previous revision: 1.8
Status: ASSIGNED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
(Reporter)

Updated

11 years ago
Priority: -- → P2
You need to log in before you can comment on or make changes to this bug.