klocwork null ptr dereferences in pki3hack.c

RESOLVED FIXED in 3.12

Status

NSS
Libraries
P2
normal
RESOLVED FIXED
11 years ago
11 years ago

People

(Reporter: Nelson Bolyard (seldom reads bugmail), Assigned: Alexei Volkov)

Tracking

({klocwork})

trunk
3.12
klocwork

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

2.68 KB, patch
Nelson Bolyard (seldom reads bugmail)
: review+
Details | Diff | Splinter Review
Klocwork id 89017
File     nss/lib/pki/pki3hack.c
Function STAN_GetNSSCertificate

Pointer 'instance' returned from call to function 'nss_ZAlloc' at line 973 
may be NULL and will be dereferenced at line 974.

973	instance = nss_ZNEW(arena, nssCryptokiInstance); 
974	instance->token = nssToken_AddRef(PK11Slot_GetNSSToken(cc->slot)); 

Klocwork ID 89035
File     nss/lib/pki/pki3hack.c
Function STAN_ChangeCertTrust

Pointer 'c' returned from call to function 'STAN_GetNSSCertificate' at 
line 1035 may be NULL and will be dereferenced by passing argument 1 to 
function 'nssTrust_GetCERTCertTrustForCert' at line 1045.
(Reporter)

Comment 1

11 years ago
ID:       89036     
Function: STAN_ChangeCertTrust
Location: nss/lib/pki/pki3hack.c : 1067

Pointer 'nssTrust' returned from call to function 'nss_ZAlloc' at line 1061 
may be NULL and may be dereferenced at line 1067.

1061	    nssTrust = nss_ZNEW(arena, NSSTrust); 
1067	    nssTrust->object = *pkiob; 
(Reporter)

Updated

11 years ago
Priority: -- → P2
Target Milestone: --- → 3.12
(Assignee)

Comment 2

11 years ago
Created attachment 241201 [details] [diff] [review]
add checks for NULL
Assignee: nobody → alexei.volkov.bugs
Status: NEW → ASSIGNED
Attachment #241201 - Flags: review?(nelson)
(Reporter)

Comment 3

11 years ago
Comment on attachment 241201 [details] [diff] [review]
add checks for NULL

r=nelson for trunk.
Attachment #241201 - Flags: review?(nelson) → review+
(Assignee)

Comment 4

11 years ago
/cvsroot/mozilla/security/nss/lib/pki/pki3hack.c,v  <--  pki3hack.c
new revision: 1.92; previous revision: 1.91
Status: ASSIGNED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.