crash in PKIX_PL_Cert_GetVersion

RESOLVED FIXED in 3.12

Status

P1
normal
RESOLVED FIXED
11 years ago
11 years ago

People

(Reporter: kaie, Assigned: kaie)

Tracking

({crash})

trunk
3.12
crash

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Assignee)

Description

11 years ago
Using the latest trunk of NSS in Firefox, and using the dumper code from bug 418398, I crash when visiting paypal.

#0  0x0129433b in PKIX_PL_Cert_GetVersion (cert=0xa52d25c, pVersion=0xbfeb01fc, plContext=0x968fa00) at pkix_pl_cert.c:1700

(gdb) print nssCert->version
$3 = {type = siBuffer, data = 0x0, len = 0}

The code attempts to deference data, which is null.
(Assignee)

Comment 1

11 years ago
Created attachment 308012 [details] [diff] [review]
Patch v1
Attachment #308012 - Flags: review?(alexei.volkov.bugs)

Comment 2

11 years ago
Comment on attachment 308012 [details] [diff] [review]
Patch v1

The version is optional. We can do extra things, like check for cert extensions, and if they are present, then set it to V3. But I don't think we need it in this function.
Attachment #308012 - Flags: review?(alexei.volkov.bugs) → review+
(Assignee)

Comment 3

11 years ago
Checking in mozilla/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c;
/cvsroot/mozilla/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c,v  <--  pkix_pl_cert.c
new revision: 1.15; previous revision: 1.14
done


fixed
Status: NEW → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee: nobody → kaie
Status: REOPENED → NEW
Priority: -- → P1
Target Milestone: --- → 3.12
Status: NEW → RESOLVED
Last Resolved: 11 years ago11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.