Coverity: uninitialized variable used in sec_pkcs5CreateAlgorithmID

RESOLVED FIXED in 3.12.3

Status

NSS
Libraries
RESOLVED FIXED
9 years ago
9 years ago

People

(Reporter: Nelson Bolyard (seldom reads bugmail), Assigned: Robert Relyea)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

According to Coverity run 278, CID 1397, 
in file nss/lib/pk11wrap/pk11pbe.c, sec_pkcs5CreateAlgorithmID, 
if the attempt to allocate a new arena fails, leaving poolp == NULL,

 	    poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);

the code will reach these lines of code at the bottom of the function:

    if (pbe_param) {
        sec_pkcs5_destroy_pbe_param(pbe_param);
    }

with pbe_param uninitialized.
Another issue reported in the same function, same coverity run and SID

622  		if (sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(algorithm)) {

If sec_pkcs5_is_algorithm_v2_pkcs5_algorithm returns true, then in the 
following statement,

623  		    if (cipherAlgorithm == SEC_OID_UNKNOWN) {

cipherAlgorithm is uninitialized.  However, it appears to me that this 
issue has already been fixed on the trunk.
Both of these issues have already been fixed on the trunk.
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.