Closed
Bug 472291
Opened 15 years ago
Closed 15 years ago
crash in libpkix object leak tests due to null pointer dereferencing in pkix_build.c:3218.
Categories
(NSS :: Libraries, defect, P1)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.3
People
(Reporter: slavomir.katuscak+mozilla, Assigned: alvolkov.bgs)
Details
(Whiteboard: PKIX)
Attachments
(1 file)
1.26 KB,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
Occured on Tinderbox machine communist when running PKIX tests, this machine use special environment variables NSS_ENABLE_PKIX_VERIFY=1 and PKIX_OBJECT_LEAK_TEST=1. This failure occurs there in many vfychain tests on this machine. From DBX log: --- Running: vfychain -d AllDB -pp -vv UserBridge.der -t Army (process id 8976) RTC: Enabling Error Checking... RTC: Running program... t@1 (l@1) signal SEGV (no mapping at the fault address) in pkix_BuildForwardDepthFirstSearch at line 3218 in file "pkix_build.c" 3218 while (state->parentState) { ---
Assignee | ||
Comment 1•15 years ago
|
||
It is a regression introduced by fix for bug 470070. Should get rid of 3230 PKIX_DECREF(prntState); since the counter on the object was already decremented by pkix_ForwardBuilderState_Destroy function.
Status: NEW → ASSIGNED
Priority: -- → P1
Assignee | ||
Comment 2•15 years ago
|
||
Attachment #355638 -
Flags: review?
Comment 3•15 years ago
|
||
Comment on attachment 355638 [details] [diff] [review] Remove PKIX_DECREF on prntState object(pkix_build.c:3230) >- PKIX_DECREF(prntState); >+ /* No need to decref the parent state. It was already done by >+ * pkix_ForwardBuilderState_Destroy function. */ Where (in what code) and when did pkix_ForwardBuilderState_Destroy get called? What was the call stack for that call?
Attachment #355638 -
Flags: review? → review?(nelson)
Assignee | ||
Comment 4•15 years ago
|
||
pkix_ForwardBuilderState_Destroy is called by PKIX_PL_Object_DecRef call before object memory is freed.
Comment 5•15 years ago
|
||
Comment on attachment 355638 [details] [diff] [review] Remove PKIX_DECREF on prntState object(pkix_build.c:3230) r=nelson
Attachment #355638 -
Flags: review?(nelson) → review+
Assignee | ||
Updated•15 years ago
|
Summary: Vfychain tests sometimes failed when debugging options are enabled. → crash in libpkix object leak tests due to null pointer dereferencing in pkix_build.c:3218.
Comment 6•15 years ago
|
||
did this patch get landed or is it ready to land now?
Assignee | ||
Comment 7•15 years ago
|
||
the patch was landed in Jan. Closing the bug...
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Updated•15 years ago
|
Whiteboard: PKIX
Updated•15 years ago
|
OS: Solaris → All
Hardware: Sun → All
You need to log in
before you can comment on or make changes to this bug.
Description
•