Closed Bug 469583 Opened 16 years ago Closed 16 years ago

Coverity: uninitialized variable used in sec_pkcs5CreateAlgorithmID

Categories

(NSS :: Libraries, defect)

3.12
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED
3.12.3

People

(Reporter: nelson, Assigned: rrelyea)

Details

According to Coverity run 278, CID 1397, 
in file nss/lib/pk11wrap/pk11pbe.c, sec_pkcs5CreateAlgorithmID, 
if the attempt to allocate a new arena fails, leaving poolp == NULL,

 	    poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);

the code will reach these lines of code at the bottom of the function:

    if (pbe_param) {
        sec_pkcs5_destroy_pbe_param(pbe_param);
    }

with pbe_param uninitialized.
Another issue reported in the same function, same coverity run and SID

622  		if (sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(algorithm)) {

If sec_pkcs5_is_algorithm_v2_pkcs5_algorithm returns true, then in the 
following statement,

623  		    if (cipherAlgorithm == SEC_OID_UNKNOWN) {

cipherAlgorithm is uninitialized.  However, it appears to me that this 
issue has already been fixed on the trunk.
Both of these issues have already been fixed on the trunk.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.