Closed Bug 528741 Opened 12 years ago Closed 12 years ago

pkix_hash throws a null-argument exception on empty strings

Categories

(NSS :: Libraries, defect, P1)

3.12
defect

Tracking

(Not tracked)

RESOLVED FIXED
3.12.6

People

(Reporter: wtc, Assigned: wtc)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Attached patch Proposed patchSplinter Review
In libpkix, an empty string is represented by a NULL buffer pointer
and a 0 buffer length.

When libpkix hashes an empty string object, it throws a null-argument
exception because of a PKIX_NULLCHECK_TWO macro in pkix_hash that
null-checks the 'bytes' buffer pointer even when 'length' is 0.

The fix is to null-check the 'bytes' buffer pointer only when 'length'
is nonzero.
Attachment #412415 - Flags: review?(alexei.volkov.bugs)
Blocks: 528743
Comment on attachment 412415 [details] [diff] [review]
Proposed patch

Nelson, could you review this simple patch?  Is Alexei out of
the office?  Thanks.
Attachment #412415 - Flags: superreview?(nelson)
Comment on attachment 412415 [details] [diff] [review]
Proposed patch

r+
I checked in the patch on the NSS trunk (NSS 3.12.6).

Checking in pkix_tools.c;
/cvsroot/mozilla/security/nss/lib/libpkix/pkix/util/pkix_tools.c,v  <--  pkix_tools.c
new revision: 1.19; previous revision: 1.18
done
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment on attachment 412415 [details] [diff] [review]
Proposed patch

thx, Wan-teh, for fixing it.
Attachment #412415 - Flags: review?(alexei.volkov.bugs) → review+
Attachment #412415 - Flags: superreview?(nelson)
Priority: -- → P1
Version: unspecified → 3.12
You need to log in before you can comment on or make changes to this bug.