Last Comment Bug 456854 - CERT_DecodeCertPackage does not set NSPR error code upon error
: CERT_DecodeCertPackage does not set NSPR error code upon error
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: 3.12.1
: All All
P2 normal (vote)
: 3.12.2
Assigned To: Julien Pierre
Depends on:
  Show dependency treegraph
Reported: 2008-09-24 13:10 PDT by Julien Pierre
Modified: 2008-09-24 16:58 PDT (History)
0 users
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---

add missing error code (483 bytes, patch)
2008-09-24 15:59 PDT, Julien Pierre
nelson: review+
Details | Diff | Splinter Review

Description User image Julien Pierre 2008-09-24 13:10:17 PDT
No error code is set by this function when it fails. A test case to reproduce this is :

certutil.exe -d . -A -i symkeyutil.exe -n bla -t ,,,
certutil.exe: could not obtain certificate from file: Unrecognized Object Identi

The stack where the error happens is :

>	smime3.dll!CERT_DecodeCertPackage(char * certbuf=0x00000000025efa00, int certlen=163328, _SECStatus (void *, SECItemStr * *, int)* f=0x0000000000433410, void * arg=0x000000000012f9f0)  Line 392	C
 	smime3.dll!CERT_DecodeCertFromPackage(char * certbuf=0x00000000025efa00, int certlen=163328)  Line 441 + 0x1a bytes	C
 	certutil.exe!AddCert(PK11SlotInfoStr * slot=0x00000000025e1520, NSSTrustDomainStr * handle=0x00000000025e4590, char * name=0x000000000200afe0, char * trusts=0x0000000002004c19, PRFileDesc * inFile=0x000000000200aed0, int ascii=0, int emailcert=0, void * pwdata=0x000000000012fbe0)  Line 161 + 0xe bytes	C
 	certutil.exe!certutil_main(int argc=10, char * * argv=0x0000000002004b60, int initialize=1)  Line 2789 + 0x64 bytes	C
 	certutil.exe!main(int argc=10, char * * argv=0x0000000002004b60)  Line 2920 + 0x14 bytes	C
 	certutil.exe!__tmainCRTStartup()  Line 582 + 0x19 bytes	C
Comment 1 User image Julien Pierre 2008-09-24 15:59:55 PDT
Created attachment 340236 [details] [diff] [review]
add missing error code

I think this is the code that makes the most sense.
Any random binary or ascii file without headers fed to this function gets to this code path.
Comment 2 User image Nelson Bolyard (seldom reads bugmail) 2008-09-24 16:47:55 PDT
Comment on attachment 340236 [details] [diff] [review]
add missing error code

Comment 3 User image Julien Pierre 2008-09-24 16:58:18 PDT
Thanks for the review, Nelson.

Checking in certread.c;
/cvsroot/mozilla/security/nss/lib/pkcs7/certread.c,v  <--  certread.c
new revision: 1.14; previous revision: 1.13

Note You need to log in before you can comment on or make changes to this bug.