The default bug view has changed. See this FAQ.

CERT_DecodeCertPackage does not set NSPR error code upon error

RESOLVED FIXED in 3.12.2

Status

NSS
Libraries
P2
normal
RESOLVED FIXED
9 years ago
9 years ago

People

(Reporter: Julien Pierre, Assigned: Julien Pierre)

Tracking

3.12.1
3.12.2

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

483 bytes, patch
Nelson Bolyard (seldom reads bugmail)
: review+
Details | Diff | Splinter Review
(Assignee)

Description

9 years ago
No error code is set by this function when it fails. A test case to reproduce this is :

certutil.exe -d . -A -i symkeyutil.exe -n bla -t ,,,
certutil.exe: could not obtain certificate from file: Unrecognized Object Identi
fier.

The stack where the error happens is :

>	smime3.dll!CERT_DecodeCertPackage(char * certbuf=0x00000000025efa00, int certlen=163328, _SECStatus (void *, SECItemStr * *, int)* f=0x0000000000433410, void * arg=0x000000000012f9f0)  Line 392	C
 	smime3.dll!CERT_DecodeCertFromPackage(char * certbuf=0x00000000025efa00, int certlen=163328)  Line 441 + 0x1a bytes	C
 	certutil.exe!AddCert(PK11SlotInfoStr * slot=0x00000000025e1520, NSSTrustDomainStr * handle=0x00000000025e4590, char * name=0x000000000200afe0, char * trusts=0x0000000002004c19, PRFileDesc * inFile=0x000000000200aed0, int ascii=0, int emailcert=0, void * pwdata=0x000000000012fbe0)  Line 161 + 0xe bytes	C
 	certutil.exe!certutil_main(int argc=10, char * * argv=0x0000000002004b60, int initialize=1)  Line 2789 + 0x64 bytes	C
 	certutil.exe!main(int argc=10, char * * argv=0x0000000002004b60)  Line 2920 + 0x14 bytes	C
 	certutil.exe!__tmainCRTStartup()  Line 582 + 0x19 bytes	C
(Assignee)

Updated

9 years ago
Assignee: nobody → julien.pierre.boogz
(Assignee)

Comment 1

9 years ago
Created attachment 340236 [details] [diff] [review]
add missing error code

I think this is the code that makes the most sense.
Any random binary or ascii file without headers fed to this function gets to this code path.
Attachment #340236 - Flags: review?(nelson)
Comment on attachment 340236 [details] [diff] [review]
add missing error code

r=nelson
Attachment #340236 - Flags: review?(nelson) → review+
(Assignee)

Comment 3

9 years ago
Thanks for the review, Nelson.

Checking in certread.c;
/cvsroot/mozilla/security/nss/lib/pkcs7/certread.c,v  <--  certread.c
new revision: 1.14; previous revision: 1.13
done
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Priority: -- → P2
Resolution: --- → FIXED
Target Milestone: --- → 3.12.2
You need to log in before you can comment on or make changes to this bug.