Closed Bug 550203 Opened 14 years ago Closed 14 years ago

nssCKFWSession_SetOperationState reads uninitialized state.data[0] from NSSCKFWC_SetOperationState

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: timeless, Assigned: timeless)

References

(
URL
)

Details

(Keywords: coverity)

Attachments

(1 file, 2 obsolete files)

Patch Version 2
801 bytes, patch
rrelyea
: review+
Details | Diff | Splinter Review 
1723 	NSSCKFWC_SetOperationState
1732 	{
1737 	  NSSItem state;

1780 	  error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);

1140 	nssCKFWSession_SetOperationState
1147 	{

1189 	  ulBuffer = (CK_ULONG *)state->data;
1190 	  if( 0x43b4657 != ulBuffer[0] ) {
Attached patch proposal (obsolete) — Splinter Review 
This patch has an hg changeset header but is actually a cvs diff, i believe it should apply easily to both hg and cvs
Assignee: nobody → timeless
Status: NEW → ASSIGNED
Attachment #430533 - Flags: review?(nelson)
Comment on attachment 430533 [details] [diff] [review]
proposal

I'm passing this review request to Bob.  He's the expert on ckfw.
Attachment #430533 - Flags: review?(nelson) → review?(rrelyea)
Comment on attachment 430533 [details] [diff] [review]
proposal

You've definately found a but, but the patch doesn't actually solve it.

The correct code would be 

state.data = pOperationState;
state.len = ulOperationStatelen;

bob
Attachment #430533 - Flags: review?(rrelyea) → review-
Attached patch Patch V 1 (obsolete) — Splinter Review 
Bob :

 Can you please review this patch ?

Thanks,
Shailendra
Attachment #430533 - Attachment is obsolete: true
Attachment #434211 - Flags: review?(rrelyea)
Attached patch Patch Version 2Splinter Review 
Bob :

 Please ignore my earlier patch and requesting to review this new patch

Thanks,
Shailendra
Attachment #434211 - Attachment is obsolete: true
Attachment #434215 - Flags: review?(rrelyea)
Attachment #434211 - Flags: review?(rrelyea)
Comment on attachment 434215 [details] [diff] [review]
Patch Version 2

r+ do you need me to check it in?

bob
Attachment #434215 - Flags: review?(rrelyea) → review+
Bob, yes, Please checkin the patch(es) you reviewed for Timeless.
Checking in wrap.c;
/cvsroot/mozilla/security/nss/lib/ckfw/wrap.c,v  <--  wrap.c
new revision: 1.19; previous revision: 1.18
done

Thanks timeless and shailen!

bob
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: