Klocwork Null ptr dereferences in pk11obj.c

RESOLVED FIXED in 3.12

Status

NSS
Libraries
P2
normal
RESOLVED FIXED
11 years ago
11 years ago

People

(Reporter: Nelson Bolyard (seldom reads bugmail), Assigned: Alexei Volkov)

Tracking

({klocwork})

trunk
3.12
klocwork

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

fix
1.52 KB, patch
Nelson Bolyard (seldom reads bugmail)
: review+
Details | Diff | Splinter Review
ID:       88588
Function: PK11_FindGenericObjects
Location: nss/lib/pk11wrap/pk11obj.c

Function: PK11_FindGenericObjects
Location: nss/lib/pk11wrap/pk11obj.c : 1190

Null pointer 'firstObj' that comes from line 1175 may be dereferenced by 
passing argument 1 to function 'PK11_DestroyGenericObjects' at line 1190.

1175	    PK11GenericObject *firstObj = NULL; 
1187	    for (i=0; i < count; i++) { 
1188		obj = PORT_New(PK11GenericObject); 
1189		if ( !obj ) { 
1190		    PK11_DestroyGenericObjects(firstObj); 

ID:       88569
Function: PK11_DestroyGenericObjects
Location: nss/lib/pk11wrap/pk11obj.c : 1292

Dereference of pointer 'objects' at line 1292 before NULL check at line 1294

1288	SECStatus  
1289	PK11_DestroyGenericObjects(PK11GenericObject *objects) 
1290	{ 
1291	    PK11GenericObject *nextObject; 
1292	    PK11GenericObject *prevObject = objects->prev; 
1293	  
1294	    if (objects == NULL) { 
1295		return SECSuccess; 
1296	    }
(Assignee)

Comment 1

11 years ago
Created attachment 241190 [details] [diff] [review]
fix
Assignee: nobody → alexei.volkov.bugs
Status: NEW → ASSIGNED
Attachment #241190 - Flags: review?(nelson)
(Reporter)

Comment 2

11 years ago
Comment on attachment 241190 [details] [diff] [review]
fix

r=nelson for trunk
Attachment #241190 - Flags: review?(nelson) → review+
(Reporter)

Updated

11 years ago
Priority: -- → P2
Target Milestone: --- → 3.12
(Assignee)

Comment 3

11 years ago
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11obj.c,v  <--  pk11obj.c
new revision: 1.14; previous revision: 1.13
Status: ASSIGNED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.