Closed Bug 387011 Opened 17 years ago Closed 17 years ago

Crash when importing certificate [@ nsNSSCertificateDB::ImportCertsFromFile]

Categories

(Core :: Security: PSM, defect)

1.8 Branch
x86
Linux
defect
Not set
critical

Tracking

()

VERIFIED FIXED

People

(Reporter: gothicx, Assigned: KaiE)

References

()

Details

(Keywords: crash, verified1.8.0.13, verified1.8.1.8)

Crash Data

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.4) Gecko/20061201 Firefox/2.0.0.4 (Ubuntu-feisty)
Build Identifier: 2.0

Open certificate cause crash

I tried to import a certificate manually and clicked on open location at gnome desktop and put "http://www.clustercube.com/clustercube.com.crt" this file there, a working certificate file trough web url and it crashed.

Reproducible: Always

Steps to Reproduce:
v1.5.*
1. open thunderbird
2. go to Edit > Preferences > Privacy > Security
3. Click on view certificates
4. Click on other peoples
5. import
6. when nautilus opens click the icon in top left (location icon)
7. add http://www.clustercube.com/clustercube.com.crt in the location URL spot
8. click OPEN
9. watch thunderbird crash.

---

v2.0
1. open thunderbird
2. go to Edit > Preferences > Advanced > Security
3. Click on view certificates
4. Click on other peoples
5. import
6. when nautilus opens click the icon in top left (location icon)
7. add http://www.clustercube.com/clustercube.com.crt in the location URL spot
8. click OPEN
9. watch thunderbird crash.
Actual Results:  
Crash

Expected Results:  
Don't crash

More information on Launchpad.net bug report.
Version: unspecified → 2.0
It appears that a NULL file is getting passed into nsNSSCertificateDB::ImportCertsFromFile.

#3 <signal handler called>
#4 nsNSSCertificateDB::ImportCertsFromFile (this=0x8f0d0c8, aToken=0x0,
#5 XPTC_InvokeByIndex () at xptcinvoke_gcc_x86_unix.cpp:50
#6 XPCWrappedNative::CallMethod (ccx=@0xbff2915c,
#7 XPC_WN_CallMethod (cx=0x8f7f660, obj=0x8ec5d70, argc=3,
#8 js_Invoke (cx=0x8f7f660, argc=3, flags=0) at jsinterp.c:1187
#9 js_Interpret (cx=0x8f7f660, pc=0x8e08b53 ":",
#0 __kernel_vsyscall ()

#4  nsNSSCertificateDB::ImportCertsFromFile (this=0x8f0d0c8, aToken=0x0, 
    aFile=0x0, aType=4) at nsNSSCertificateDB.cpp:1028
	rv = <value optimized out>
	fd = (PRFileDesc *) 0x0
	file_info = {type = 3220344488, size = -1209059669, 
  creationTime = 68854785104, modifyTime = -4615469847035080500}
	bytes_obtained = <value optimized out>
Assignee: nobody → kengert
Status: UNCONFIRMED → NEW
Component: Preferences → Security: PSM
Ever confirmed: true
Product: Thunderbird → Core
QA Contact: preferences → psm
Summary: mozilla-thunderbird crashed [@nsNSSCertificateDB::ImportCertsFromFile] → Crash when importing certificate [@ nsNSSCertificateDB::ImportCertsFromFile]
Version: 2.0 → 1.8 Branch
This bug might actually be in the GTK filepicker widget code... it seems like it should error out if the file it gets is NULL. On the other hand, it seems like the NSS function should check for a non-NULL file argument.
Severity: normal → critical
Keywords: crash
Attached patch Patch v1Splinter Review
Bob, can you please review this crash fix?
Attachment #271961 - Flags: review?(rrelyea)
Flags: blocking1.8.1.5?
Flags: blocking1.8.0.13?
Flags: blocking1.8.1.5? → blocking1.8.1.6?
Comment on attachment 271961 [details] [diff] [review]
Patch v1

r+=rrelyea
Attachment #271961 - Flags: review?(rrelyea) → review+
fixed in cvs head
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Comment on attachment 271961 [details] [diff] [review]
Patch v1

requesting branch approval for trivial crash fix
Attachment #271961 - Flags: approval1.8.1.6?
Attachment #271961 - Flags: approval1.8.0.13?
Attachment #271961 - Flags: approval1.8.1.6? → approval1.8.1.7?
Not blockers, but we'll look at the approvals
Flags: wanted1.8.1.x+
Flags: wanted1.8.0.x+
Flags: blocking1.8.1.7?
Flags: blocking1.8.0.13?
Comment on attachment 271961 [details] [diff] [review]
Patch v1

approved for 1.8.1.7 and 1.8.0.13, a=dveditz for release-drivers
Attachment #271961 - Flags: approval1.8.1.7?
Attachment #271961 - Flags: approval1.8.1.7+
Attachment #271961 - Flags: approval1.8.0.13?
Attachment #271961 - Flags: approval1.8.0.13+
fixed1.8.0.13, fixed1.8.1.7
Status: RESOLVED → VERIFIED
Verified in 1.8.0.13 Thunderbird RC1 candidate (2007080917) on Ubuntu. 
verified fixed 1.8.1.7 using Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.7pre) Gecko/20070903 Thunderbird/2.0.0.7pre ID:2007090303 on Ubuntu

no crash on the steps to reproduce -> adding verified keyword
Crash Signature: [@ nsNSSCertificateDB::ImportCertsFromFile]
You need to log in before you can comment on or make changes to this bug.