Closed Bug 469583 Opened 16 years ago Closed 16 years ago

Coverity: uninitialized variable used in sec_pkcs5CreateAlgorithmID

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Version:
3.12
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.3

People

(Reporter: nelson, Assigned: rrelyea)

Details

According to Coverity run 278, CID 1397, in file nss/lib/pk11wrap/pk11pbe.c, sec_pkcs5CreateAlgorithmID, if the attempt to allocate a new arena fails, leaving poolp == NULL, poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); the code will reach these lines of code at the bottom of the function: if (pbe_param) { sec_pkcs5_destroy_pbe_param(pbe_param); } with pbe_param uninitialized.
Another issue reported in the same function, same coverity run and SID 622 if (sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(algorithm)) { If sec_pkcs5_is_algorithm_v2_pkcs5_algorithm returns true, then in the following statement, 623 if (cipherAlgorithm == SEC_OID_UNKNOWN) { cipherAlgorithm is uninitialized. However, it appears to me that this issue has already been fixed on the trunk.
Both of these issues have already been fixed on the trunk.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.