Closed Bug 528184 Opened 15 years ago Closed 15 years ago

Invalid read, missing null check in nsNSSIOLayer.cpp

Categories

(Core :: Security: PSM, defect)

1.9.2 Branch
Other
Linux
defect
Not set
normal

Tracking

RESOLVED FIXED
mozilla1.9.3a1
Tracking Status
status1.9.2 --- beta5-fixed
status1.9.1 --- .8-fixed

People

(Reporter: romaxa, Assigned: romaxa)

Details

(Keywords: fixed1.9.0.18)

Attachments

(2 files)

Attached file Valgrind log
==15903== Invalid read of size 4
==15903==    at 0x528B6CA: nsNSSSocketInfo::EnsureDocShellDependentStuffKnown() (nsNSSIOLayer.cpp:406)
==15903==    by 0x528C457: nsNSSSocketInfo::GetPreviousCert(nsIX509Cert**) (nsNSSIOLayer.cpp:757)
==15903==    by 0x527FF2A: HandshakeCallback(PRFileDesc*, void*) (nsNSSCallbacks.cpp:918)
==15903==    by 0x5956AB1: ssl3_HandleFinished (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x5957D5D: ssl3_HandleHandshakeMessage (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x5958537: ssl3_HandleRecord (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x5958A4F: ssl3_GatherCompleteHandshake (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x595CB15: ssl_GatherRecord1stHandshake (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x595FA8C: ssl_Do1stHandshake (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x59606D4: ssl_SecureSend (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x596077C: ssl_SecureWrite (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x59639E4: ssl_Write (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x527D069: nsSSLThread::Run() (nsSSLThread.cpp:1045)
==15903==    by 0x527BD3D: nsPSMBackgroundThread::nsThreadRunner(void*) (nsPSMBackgroundThread.cpp:44)
==15903==    by 0x580991A: _pt_root (ptthread.c:228)
==15903==    by 0x407BE37: start_thread (in /targets/fr2009x86/lib/libpthread-2.5.so)
==15903==    by 0x5B7B11D: clone (in /targets/fr2009x86/lib/libc-2.5.so)
==15903==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
Attached patch Null check
Attachment #411952 - Flags: review?(kaie)
Comment on attachment 411952: Null check
r=kaie, Thanks a lot! We should add this to stable branches.
Attachment #411952 - Flags: review?(kaie) → review+
Attachment #411952 - Flags: approval1.9.2?
Attachment #411952 - Flags: approval1.9.1.7?
Attachment #411952 - Flags: approval1.9.0.17?
Keywords: checkin-needed
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Keywords: checkin-needed
Assignee: kaie → romaxa
Target Milestone: --- → mozilla1.9.3a1
Comment on attachment 411952: Null check
a192=beltzner, null checks ftw!
Attachment #411952 - Flags: approval1.9.2? → approval1.9.2+
Comment on attachment 411952: Null check
Approved for 1.9.1.7 and 1.9.0.17, a=dveditz for release-drivers
Attachment #411952 - Flags: approval1.9.1.7? → approval1.9.1.7+
Attachment #411952 - Flags: approval1.9.0.17? → approval1.9.0.17+
Whiteboard: [needs 1.9.1/1.9.0 landing]
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/319d9ca8ab32

Checking in security/manager/ssl/src/nsNSSIOLayer.cpp;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp,v <-- nsNSSIOLayer.cpp
new revision: 1.166; previous revision: 1.165
Whiteboard: [needs 1.9.1/1.9.0 landing]