Closed
Bug 469623
Opened 16 years ago
Closed 14 years ago
Coverity bugs in nss/lib/pki
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.7
People
(Reporter: nelson, Assigned: shailen.n.jain)
Details
Attachments
(1 file, 3 obsolete files)
1.38 KB,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
Coverity is checking Firefox's snapshot of NSS 3.12, which is now pretty old. These bugs may already be fixed, or may be different. CID 1041 - null ptr dereference File nss/lib/pki/pkibase.c, function nssCertificateArray_FindBestCertificate 515 bestdc = nssCertificate_GetDecoding(bestCert); 516 /* time */ 517 if (bestdc->isValidAtTime(bestdc, time)) { Event dereference: Dereferencing NULL value "bestdc"
Reporter | ||
Comment 1•16 years ago
|
||
CID 1306 - null ptr dereference File nss/lib/pki/pkibase.c, function NSSTime_SetPRTime 1252 rvTime = (timeOpt) ? timeOpt : nss_ZNEW(NULL, NSSTime); 1253 rvTime->prTime = prTime; Event dereference: Dereferencing NULL value "rvTime"
Assignee: nobody → nelson
Priority: -- → P1
Reporter | ||
Updated•15 years ago
|
Target Milestone: 3.12.3 → 3.12.5
Reporter | ||
Updated•15 years ago
|
Assignee: nelson → nobody
Target Milestone: 3.12.5 → ---
Hi Nelson, Please review the patch. Thanks, Shailendra
Attachment #433786 -
Flags: review?(nelson)
Reporter | ||
Updated•14 years ago
|
Attachment #433786 -
Flags: review?(nelson) → review-
Reporter | ||
Comment 3•14 years ago
|
||
Comment on attachment 433786 [details] [diff] [review] Patch V 1 Sorry, This patch makes two changes and there are problems with both of them. > bestdc = nssCertificate_GetDecoding(bestCert); >+ if (!bestdc) continue; > /* time */ This code occurs in a loop that goes through a list of certs, trying to find the "best" one based on comparing the decoded values. If, for some reason, one cannot be decoded, and the other can, then the one that cannot be decoded cannot be the "best" cert. So, if bestdc is null, meaning that the cert we think is "best" until now cannot be decoded, then we must not go on continuing to think it is the best. We must switch to the other one, e.g. nssCertificate_Destroy(bestCert); bestCert = nssCertificate_AddRef(c); continue; > { > NSSTime *rvTime; > rvTime = (timeOpt) ? timeOpt : nss_ZNEW(NULL, NSSTime); >- rvTime->prTime = prTime; >+ if (!rvTime) { >+ rvTime->prTime = prTime; >+ } > return rvTime; > } Uh, no, definitely not. Look at that again.
>This code occurs in a loop that goes through a list of certs, >trying to find the "best" one based on comparing the decoded >values. If, for some reason, one cannot be decoded, and the >other can, then the one that cannot be decoded cannot be the >"best" cert. So, if bestdc is null, meaning that the cert we >think is "best" until now cannot be decoded, then we must not >go on continuing to think it is the best. We must switch to >the other one, e.g. > nssCertificate_Destroy(bestCert); > bestCert = nssCertificate_AddRef(c); > continue; Thanks for providing the detailed explanation. I made the the changes you suggested. > Uh, no, definitely not. Look at that again. Sorry. I must have closed my eyes while making this change :( I have corrected this in the attached patch file. Can you please review and let me know if I had missed anything. Thanks, Shailendra
Attachment #433786 -
Attachment is obsolete: true
Attachment #433876 -
Flags: review?(nelson)
Few space/tab issues in patch version 2 and rectified in the patch version 3. Thanks and Regards, Shailendra
Attachment #433876 -
Attachment is obsolete: true
Attachment #433877 -
Flags: review?(nelson)
Attachment #433876 -
Flags: review?(nelson)
One more space/tab issue found in Patch Version 3 and rectified the same in version 4. Thanks and Regards, Shailendra
Attachment #433877 -
Attachment is obsolete: true
Attachment #433878 -
Flags: review?(nelson)
Attachment #433877 -
Flags: review?(nelson)
Reporter | ||
Comment 7•14 years ago
|
||
Comment on attachment 433878 [details] [diff] [review] Patch Version 4 r=nelson.
Attachment #433878 -
Flags: review?(nelson) → review+
Reporter | ||
Updated•14 years ago
|
Assignee: nobody → shailen.n.jain
Priority: P1 → P2
Target Milestone: --- → 3.12.7
Reporter | ||
Comment 8•14 years ago
|
||
Checking in lib/pki/pkibase.c; new revision: 1.32; previous revision: 1.31 Thanks for the contribution!
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•