+/1 problem in pem/pobject.c causes invalid write and/or double free

RESOLVED INVALID

Status

NSS
Libraries
--
critical
RESOLVED INVALID
9 years ago
9 years ago

People

(Reporter: Kamil Dudka, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

9 years ago
User-Agent:       Opera/9.50 (X11; Linux x86_64; U; en)
Build Identifier: nss-pem-20080124

minimal example: https://bugzilla.redhat.com/attachment.cgi?id=331111
proposed patch: https://bugzilla.redhat.com/attachment.cgi?id=333603

reported against Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=483855

Reproducible: Always

Steps to Reproduce:
1. run referred test

Actual Results:  
crash/undefined behavior


patch is simple

Comment 1

9 years ago
The PEM reader is not (yet?) part of NSS, see bug 402712. The fix should go into an updated version of the patch attached to that bug (attachment 287590 [details] [diff] [review]).
Status: UNCONFIRMED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → INVALID
(Reporter)

Comment 2

9 years ago
Thanks for routing me! I will report it there.
You need to log in before you can comment on or make changes to this bug.