Location: nss/lib/pki/tdcache.c : 901
Pointer 'iter' returned from call to function 'nssList_CreateIterator' at
line 900 may be NULL and will be dereferenced by passing argument 1 to
function 'nssListIterator_Start' at line 901.
900 nssListIterator *iter = nssList_CreateIterator(subjectList);
901 for (c = (NSSCertificate *)nssListIterator_Start(iter);
Created attachment 241226 [details] [diff] [review]
Comment on attachment 241226 [details] [diff] [review]
This patch is correct with respect to preventing the crash.
It makes the "if (rvCertListOpt)" code be as correct as the "else" code.
But it appears to me that there is a reference leak (actually, a bunch
of them) in both of those two paths. Notice the call to
nssCertificateList_AddReferences. It adds a reference to every cert
in the "subjectList". If we fail to creat the iterator, those new
references must be released, or else those references will be leaked.
We can either
(a) commit this patch and file a separate bug about that leak or
(b) try to fix that leak for this bug in a new patch.
Alexei, I'll let you decide.
/cvsroot/mozilla/security/nss/lib/pki/tdcache.c,v <-- tdcache.c
new revision: 1.45; previous revision: 1.44