Closed Bug 353865 Opened 18 years ago Closed 18 years ago

klocwork Null ptr deref in softoken/pk11db.c

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: nelson, Assigned: alvolkov.bgs)

Details

(Keywords: klocwork)

Attachments

(1 file, 1 obsolete file)

init lconfigdir
1.47 KB, patch
nelson
: review+
Details | Diff | Splinter Review 
Klocwork ID 88483
Function: secmod_getSecmodName
Location: nss/lib/softoken/pk11db.c : 286

Pointer 'configdir' returned from call to function 'secmod_argFetchValue' 
at line 271 may be NULL and will be dereferenced by passing argument 1 to 
function 'sftk_EvaluateConfigDir' at line 286.

270	    while (*param) { 
271		SECMOD_HANDLE_STRING_ARG(param,configdir,"configDir=",;) 
272		SECMOD_HANDLE_STRING_ARG(param,secmodName,"secmod=",;) 
273		SECMOD_HANDLE_FINAL_ARG(param) 
274	   } 
286	   lconfigdir = sftk_EvaluateConfigDir(configdir, appName);
Priority: -- → P2
Target Milestone: --- → 3.12
Assignee: nobody → alexei.volkov.bugs
Status: NEW → ASSIGNED

        Attachment #242935 -
        Flags: review?(nelson)

    
    

    
  
Comment on attachment 242935 [details] [diff] [review]
check a pointer for NULL before calling sftk_EvaluateConfigDir

>-   lconfigdir = sftk_EvaluateConfigDir(configdir, appName);
>+   if (configdir) {
>+       lconfigdir = sftk_EvaluateConfigDir(configdir, appName);
>+   }
>    if (lconfigdir) {

lconfigdir is uninitialized, so value is random if !confidir.

        Attachment #242935 -
        Flags: review?(nelson) → review-

    
    

    
  

      
      
      
      

        Attached patch
          
          
        init lconfigdirSplinter Review
      

    


  

        Attachment #242935 -
        Attachment is obsolete: true

        Attachment #243410 -
        Flags: review?(nelson)

    
    

    
  
Comment on attachment 243410 [details] [diff] [review]
init lconfigdir

r=nelson

        Attachment #243410 -
        Flags: review?(nelson) → review+

    
    

    
  
/cvsroot/mozilla/security/nss/lib/softoken/pk11db.c,v  <--  pk11db.c
new revision: 1.38; previous revision: 1.37

Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: