Closed Bug 469583 Opened 15 years ago Closed 15 years ago

Coverity: uninitialized variable used in sec_pkcs5CreateAlgorithmID

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Version:
3.12
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.3

People

(Reporter: nelson, Assigned: rrelyea)

Details

According to Coverity run 278, CID 1397, 
in file nss/lib/pk11wrap/pk11pbe.c, sec_pkcs5CreateAlgorithmID, 
if the attempt to allocate a new arena fails, leaving poolp == NULL,

 	    poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);

the code will reach these lines of code at the bottom of the function:

    if (pbe_param) {
        sec_pkcs5_destroy_pbe_param(pbe_param);
    }

with pbe_param uninitialized.
Another issue reported in the same function, same coverity run and SID

622  		if (sec_pkcs5_is_algorithm_v2_pkcs5_algorithm(algorithm)) {

If sec_pkcs5_is_algorithm_v2_pkcs5_algorithm returns true, then in the 
following statement,

623  		    if (cipherAlgorithm == SEC_OID_UNKNOWN) {

cipherAlgorithm is uninitialized.  However, it appears to me that this 
issue has already been fixed on the trunk.
Both of these issues have already been fixed on the trunk.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.