Closed Bug 507379 Opened 11 years ago Closed 11 years ago

hostname from SSL_RevealURL is null checked too late [@ nsDependentCString - nsNSSBadCertHandler]

Categories

(Core :: Security: PSM, defect, critical)

defect
Not set
critical

Tracking

()

RESOLVED FIXED
mozilla1.9.3a1

People

(Reporter: timeless, Assigned: timeless)

References

(Blocks 1 open bug, )

Details

(Keywords: coverity, crash)

Crash Data

Attachments

(1 file)

3168 nsNSSBadCertHandler(void *arg, PRFileDesc *sslSocket)
3200   char *hostname = SSL_RevealURL(sslSocket);
3201   charCleaner hostnameCleaner(hostname); 
3202   nsDependentCString hostString(hostname);
3214   if (hostname && hostname[0] &&
Assignee: kaie → timeless
Status: NEW → ASSIGNED
Attachment #391702 - Flags: review?(kaie)
Comment on attachment 391702 [details] [diff] [review]
patch
[Checkin: Comment 3]

r=kaie

Thanks for the patch
Attachment #391702 - Flags: review?(kaie) → review+
Keywords: checkin-needed
Comment on attachment 391702 [details] [diff] [review]
patch
[Checkin: Comment 3]


http://hg.mozilla.org/mozilla-central/rev/525d2bb69a7c
Attachment #391702 - Attachment description: patch → patch [Checkin: Comment 3]
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.3a1
Crash Signature: [@ nsDependentCString - nsNSSBadCertHandler]
You need to log in before you can comment on or make changes to this bug.