Open Bug 457015 Opened 17 years ago Updated 1 years ago

Some NSS public API functions are not tested

Categories

(NSS :: Test, defect, P5)

Product:
NSS
Component:
Test
Type:
defect

Tracking

(Not tracked)

People

(Reporter: nelson, Unassigned)

References

(Depends on 1 open bug)

Details

This bug exists to collect the names of NSS public API functions that are not tested by any NSS test program used in the all.sh test script. This bug will act as an umbrella bug for other bugs that exist to supply the missing tests for the individual functions. It will be blocked by those other bugs. Many of the functions that appear in this list are used by PSM, but are not otherwise tested. One consequence of this is that no leak testing is done on them. Functions: SECMOD_CancelWait PK11_FindSlotsByNames
It seems to me there should be some QA coverage tool that should be able to tell us what we need to know here automatically after a QA run. If we don't have that, at the very least source code inspection can tell us which functions are completely unused by the programs under cmd. But it doesn't tell us if these code paths are tested. Some quick manual checking against the newest functions from 3.12 shows a few more APIs that are never used under cmd : CERT_CheckNameSpace CERT_FindCRLReasonExten CERT_FindCRLNumberExten CERT_GetClassicOCSPDisabledPolicy CERT_GetClassicOCSPEnabledHardFailurePolicy CERT_GetClassicOCSPEnabledSoftFailurePolicy CERT_GetPKIXVerifyNistRevocationPolicy CERT_GetUsePKIXForValidation CERT_GetValidDNSPatternsFromCert CERT_SetOCSPTimeout HASH_GetType As far as leak checking goes, I think many APIs are used only outside of selfserv and strsclnt, which are unfortunately the only 2 programs we are doing leak-checking on at the moment.
I clicked commit before I was done with the list. PK11_CreateGenericObject PK11_CreatePBEV2AlgorithmID PK11_GenerateKeyPairWithOpFlags PK11_GetAllSlotsForCert PK11_GetPBECryptoMechanism PK11_WriteRawAttribute SECKEY_EcParamsToBasePointOrderLen SECKEY_ECParamsToKeySize SEC_GetRegisteredHttpClient VFY_CreateContextDirect VFY_VerifyDataDirect VFY_VerifyDigestDirect VFY_VerifyDigestWithAlgorithmID That's 24 3.12 APIs that are never called, out of 44 new APIs introduced. Ie. about 55% of new APIs in 3.12 are never ever tested, not for functionality or for leaks.
Severity: normal → S3
Severity: S3 → S4
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.