Closed Bug 513042 Opened 16 years ago Closed 15 years ago

libpkix: incorrectly controlled boundary condition leads to initialization of a wrong revocation method

Categories

(NSS :: Libraries, defect)

3.12.4
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED
3.12.7

People

(Reporter: alvolkov.bgs, Assigned: alvolkov.bgs)

Details

(Whiteboard: PKIX)

Attachments

(1 file)

Attached patch: fix(integrated)

Revocation methods are defined by an enum in certt.h:

    typedef enum {
        cert_revocation_method_crl = 0,
        cert_revocation_method_ocsp,
        cert_revocation_method_count
    } CERTRevocationMethodIndex;

The following code incorrectly does the check, allowing a method that was not configured by a user to be initialized (certRevMethod is passed by a caller and holds one of the values from the enum):

    if (revTest->number_of_defined_methods < certRevMethod) {
        return NULL;
    }

The attached patch fixes the problem.
Attachment #397071 - Flags: review?(nelson)
Whiteboard: PKIX
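The boundary condition described in the report, as an added example that is not part of the original bug or of the attached patch. RevTestModel, sample_flags, crl_only, select_reported and select_bounded are hypothetical names, and the `<=` comparison is the usual index bound, assumed here rather than copied from the patch.

```c
#include <stdint.h>
#include <stdio.h>

/* Enum as quoted from certt.h in the report. */
typedef enum {
    cert_revocation_method_crl = 0,
    cert_revocation_method_ocsp,
    cert_revocation_method_count
} CERTRevocationMethodIndex;

/* Simplified stand-in (assumption) for the caller's revocation settings. */
typedef struct {
    uint32_t number_of_defined_methods;  /* how many slots the user filled in */
    const uint64_t *flags_per_method;    /* one flag word per defined method */
} RevTestModel;

/* Constructed sample: the user configured CRL only; the OCSP slot was never set. */
static const uint64_t sample_flags[cert_revocation_method_count] = { 0x1, 0 };
static const RevTestModel crl_only = { 1, sample_flags };

/* Check as quoted in the report: index == count is not rejected. */
static const uint64_t *select_reported(const RevTestModel *revTest,
                                       CERTRevocationMethodIndex certRevMethod)
{
    if (revTest->number_of_defined_methods < certRevMethod) {
        return NULL;
    }
    return &revTest->flags_per_method[certRevMethod];
}

/* Bounded check (assumption, not taken from the attached patch):
 * valid indexes are 0 .. number_of_defined_methods - 1. */
static const uint64_t *select_bounded(const RevTestModel *revTest,
                                      CERTRevocationMethodIndex certRevMethod)
{
    if (revTest->number_of_defined_methods <= certRevMethod) {
        return NULL;
    }
    return &revTest->flags_per_method[certRevMethod];
}

int main(void)
{
    printf("reported check, OCSP: %s\n",
           select_reported(&crl_only, cert_revocation_method_ocsp) ? "initialized" : "rejected");
    printf("bounded check,  OCSP: %s\n",
           select_bounded(&crl_only, cert_revocation_method_ocsp) ? "initialized" : "rejected");
    return 0;
}
```

With one defined method, the quoted check lets the OCSP index (1) through because 1 < 1 is false, while the bounded check rejects it and still accepts the CRL index (0).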
Comment on attachment 397071: fix(integrated)
r=nelson
Attachment #397071 - Flags: review?(nelson) → review+
This patch has not been checked in so far. Waiting for 3.12.7.
Target Milestone: 3.12.5 → 3.12.7
Alexei, NOW is the time to commit your fix for this bug
Attachment #397071 - Attachment description: fix → fix(integrated)
Comment on attachment 397071: fix(integrated)
Nelson, thanks for the reminder.
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED