Closed
Bug 414985
Opened 17 years ago
Closed 17 years ago
Crash in pkix_pl_OcspRequest_Destroy
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12
People
(Reporter: alvolkov.bgs, Assigned: alvolkov.bgs)
Details
Attachments
(1 file)
|
3.54 KB,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
Crash in libpkix when requesting ocsp revocation chain on a cert that does not have AIA extension.
The crash happened because of two fields of pkix_pl_ocsprequest data type was not initialized before destruction. They are certList and location.
|
Assignee | |
Comment 1•17 years ago
|
||
The patch also fixes some potential leaks in CERT_PKIXVerifyCert function.
Attachment #300525 -
Flags: review?(nelson)
|
|
||
Comment 2•17 years ago
|
||
Comment on attachment 300525 [details] [diff] [review]
Init certList and location
r=nelson
Attachment #300525 -
Flags: review?(nelson) → review+
|
|
Assignee | |
Comment 3•17 years ago
|
||
/cvsroot/mozilla/security/nss/lib/certhigh/certvfypkix.c,v <-- certvfypkix.c
new revision: 1.10; previous revision: 1.9
Checking in lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocsprequest.c;
new revision: 1.7; previous revision: 1.6
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•