Last Comment Bug 353748 - klocwork null ptr dereferences in pki3hack.c
: klocwork null ptr dereferences in pki3hack.c
Status: RESOLVED FIXED
: klocwork
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: trunk
: All All
: P2 normal (vote)
: 3.12
Assigned To: Alexei Volkov
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-09-21 21:54 PDT by Nelson Bolyard (seldom reads bugmail)
Modified: 2006-10-09 15:21 PDT (History)
1 user (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
add checks for NULL (2.68 KB, patch)
2006-10-04 12:27 PDT, Alexei Volkov
nelson: review+
Details | Diff | Splinter Review

Description Nelson Bolyard (seldom reads bugmail) 2006-09-21 21:54:26 PDT
Klocwork id 89017
File     nss/lib/pki/pki3hack.c
Function STAN_GetNSSCertificate

Pointer 'instance' returned from call to function 'nss_ZAlloc' at line 973 
may be NULL and will be dereferenced at line 974.

973	instance = nss_ZNEW(arena, nssCryptokiInstance); 
974	instance->token = nssToken_AddRef(PK11Slot_GetNSSToken(cc->slot)); 

Klocwork ID 89035
File     nss/lib/pki/pki3hack.c
Function STAN_ChangeCertTrust

Pointer 'c' returned from call to function 'STAN_GetNSSCertificate' at 
line 1035 may be NULL and will be dereferenced by passing argument 1 to 
function 'nssTrust_GetCERTCertTrustForCert' at line 1045.
Comment 1 Nelson Bolyard (seldom reads bugmail) 2006-09-22 17:34:11 PDT
ID:       89036     
Function: STAN_ChangeCertTrust
Location: nss/lib/pki/pki3hack.c : 1067

Pointer 'nssTrust' returned from call to function 'nss_ZAlloc' at line 1061 
may be NULL and may be dereferenced at line 1067.

1061	    nssTrust = nss_ZNEW(arena, NSSTrust); 
1067	    nssTrust->object = *pkiob; 
Comment 2 Alexei Volkov 2006-10-04 12:27:04 PDT
Created attachment 241201 [details] [diff] [review]
add checks for NULL
Comment 3 Nelson Bolyard (seldom reads bugmail) 2006-10-04 12:42:25 PDT
Comment on attachment 241201 [details] [diff] [review]
add checks for NULL

r=nelson for trunk.
Comment 4 Alexei Volkov 2006-10-09 15:21:56 PDT
/cvsroot/mozilla/security/nss/lib/pki/pki3hack.c,v  <--  pki3hack.c
new revision: 1.92; previous revision: 1.91

Note You need to log in before you can comment on or make changes to this bug.