Last Comment Bug 528184 - Invalid read, missing null check in nsNSSIOLayer.cpp
: Invalid read, missing null check in nsNSSIOLayer.cpp
Status: RESOLVED FIXED
: fixed1.9.0.18
Product: Core
Classification: Components
Component: Security: PSM (show other bugs)
: 1.9.2 Branch
: Other Linux
: -- normal (vote)
: mozilla1.9.3a1
Assigned To: Oleg Romashin (:romaxa)
:
Mentors:
Depends on:
Blocks: 370875
  Show dependency treegraph
 
Reported: 2009-11-12 05:06 PST by Oleg Romashin (:romaxa)
Modified: 2010-02-02 01:57 PST (History)
3 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
beta5-fixed
.8-fixed


Attachments
Valgrind log (258.51 KB, text/x-log)
2009-11-12 05:06 PST, Oleg Romashin (:romaxa)
no flags Details
Null check (713 bytes, patch)
2009-11-12 05:06 PST, Oleg Romashin (:romaxa)
kaie: review+
mbeltzner: approval1.9.2+
dveditz: approval1.9.1.8+
dveditz: approval1.9.0.18+
Details | Diff | Splinter Review

Description Oleg Romashin (:romaxa) 2009-11-12 05:06:01 PST
Created attachment 411951 [details]
Valgrind log

==15903== Invalid read of size 4
==15903==    at 0x528B6CA: nsNSSSocketInfo::EnsureDocShellDependentStuffKnown() (nsNSSIOLayer.cpp:406)
==15903==    by 0x528C457: nsNSSSocketInfo::GetPreviousCert(nsIX509Cert**) (nsNSSIOLayer.cpp:757)
==15903==    by 0x527FF2A: HandshakeCallback(PRFileDesc*, void*) (nsNSSCallbacks.cpp:918)
==15903==    by 0x5956AB1: ssl3_HandleFinished (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x5957D5D: ssl3_HandleHandshakeMessage (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x5958537: ssl3_HandleRecord (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x5958A4F: ssl3_GatherCompleteHandshake (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x595CB15: ssl_GatherRecord1stHandshake (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x595FA8C: ssl_Do1stHandshake (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x59606D4: ssl_SecureSend (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x596077C: ssl_SecureWrite (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x59639E4: ssl_Write (in /home/romaxa/microbcomponent/hg/microb-engine-nopatches/build-tree/obj-i386-sb-syscairo-buildxulrunner/nss/ssl/libssl3.so)
==15903==    by 0x527D069: nsSSLThread::Run() (nsSSLThread.cpp:1045)
==15903==    by 0x527BD3D: nsPSMBackgroundThread::nsThreadRunner(void*) (nsPSMBackgroundThread.cpp:44)
==15903==    by 0x580991A: _pt_root (ptthread.c:228)
==15903==    by 0x407BE37: start_thread (in /targets/fr2009x86/lib/libpthread-2.5.so)
==15903==    by 0x5B7B11D: clone (in /targets/fr2009x86/lib/libc-2.5.so)
==15903==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
Comment 1 Oleg Romashin (:romaxa) 2009-11-12 05:06:53 PST
Created attachment 411952 [details] [diff] [review]
Null check
Comment 2 Kai Engert (:kaie) 2009-11-12 09:00:18 PST
Comment on attachment 411952 [details] [diff] [review]
Null check

r=kaie, Thanks a lot!

We should add this to stable branches.
Comment 3 Oleg Romashin (:romaxa) 2009-11-12 09:46:41 PST
Pushed in:
http://hg.mozilla.org/mozilla-central/rev/464d3a639680
Comment 4 Mike Beltzner [:beltzner, not reading bugmail] 2009-12-02 05:12:32 PST
Comment on attachment 411952 [details] [diff] [review]
Null check

a192=beltzner, null checks ftw!
Comment 5 Marco Bonardo [::mak] 2009-12-02 08:22:49 PST
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/ce098210dac3
Comment 6 Daniel Veditz [:dveditz] 2009-12-02 15:51:36 PST
Comment on attachment 411952 [details] [diff] [review]
Null check

Approved for 1.9.1.7 and 1.9.0.17, a=dveditz for release-drivers
Comment 7 Daniel Veditz [:dveditz] 2010-02-02 01:53:13 PST
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/319d9ca8ab32

Checking in security/manager/ssl/src/nsNSSIOLayer.cpp;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp,v  <--  nsNSSIOLayer.cpp
new revision: 1.166; previous revision: 1.165

Note You need to log in before you can comment on or make changes to this bug.