Last Comment Bug 353760 - klocwork null pointer dereference in p7decode.c
: klocwork null pointer dereference in p7decode.c
: klocwork
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: trunk
: All All
: P2 normal (vote)
: 3.12
Assigned To: Alexei Volkov
Depends on:
  Show dependency treegraph
Reported: 2006-09-21 23:08 PDT by Nelson Bolyard (seldom reads bugmail)
Modified: 2006-10-09 15:22 PDT (History)
1 user (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---

check p7dcx for null value (1.05 KB, patch)
2006-10-02 15:10 PDT, Alexei Volkov
nelson: review+
Details | Diff | Splinter Review

Description Nelson Bolyard (seldom reads bugmail) 2006-09-21 23:08:46 PDT
Klocwork id 88036
File     nss/lib/pkcs7/p7decode.c 
Function SEC_PKCS7DecodeItem

Pointer 'p7dcx' returned from call to function 'SEC_PKCS7DecoderStart' at 
line 1240 may be NULL and will be dereferenced by passing argument 1 to 
function 'SEC_PKCS7DecoderUpdate' at line 1242.

1240 p7dcx = SEC_PKCS7DecoderStart(cb, cb_arg, pwfn, pwfn_arg, decrypt_key_cb, 
1241				  decrypt_key_cb_arg, decrypt_allowed_cb); 
1242 (void) SEC_PKCS7DecoderUpdate(p7dcx, (char *) p7item->data, p7item->len); 
1243 return SEC_PKCS7DecoderFinish(p7dcx);
Comment 1 Alexei Volkov 2006-10-02 15:10:59 PDT
Created attachment 240987 [details] [diff] [review]
check p7dcx for null value
Comment 2 Nelson Bolyard (seldom reads bugmail) 2006-10-02 15:14:00 PDT
Comment on attachment 240987 [details] [diff] [review]
check p7dcx for null value 

Comment 3 Alexei Volkov 2006-10-09 15:22:47 PDT
/cvsroot/mozilla/security/nss/lib/pkcs7/p7decode.c,v  <--  p7decode.c
new revision: 1.23; previous revision: 1.22

Note You need to log in before you can comment on or make changes to this bug.