nssCKFWSession_SetOperationState reads uninitialized state.data[0] from NSSCKFWC_SetOperationState

RESOLVED FIXED

Status

NSS
Libraries
--
major
RESOLVED FIXED
8 years ago
8 years ago

People

(Reporter: timeless, Assigned: timeless)

Tracking

({coverity})

trunk
x86
All
coverity

Firefox Tracking Flags

(Not tracked)

Details

(URL)

Attachments

(1 attachment, 2 obsolete attachments)

801 bytes, patch
Robert Relyea
: review+
Details | Diff | Splinter Review
(Assignee)

Description

8 years ago
1723 	NSSCKFWC_SetOperationState
1732 	{
1737 	  NSSItem state;

1780 	  error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);

1140 	nssCKFWSession_SetOperationState
1147 	{

1189 	  ulBuffer = (CK_ULONG *)state->data;
1190 	  if( 0x43b4657 != ulBuffer[0] ) {
(Assignee)

Comment 1

8 years ago
Created attachment 430533 [details] [diff] [review]
proposal

This patch has an hg changeset header but is actually a cvs diff, i believe it should apply easily to both hg and cvs
Assignee: nobody → timeless
Status: NEW → ASSIGNED
Attachment #430533 - Flags: review?(nelson)
Comment on attachment 430533 [details] [diff] [review]
proposal

I'm passing this review request to Bob.  He's the expert on ckfw.
Attachment #430533 - Flags: review?(nelson) → review?(rrelyea)

Comment 3

8 years ago
Comment on attachment 430533 [details] [diff] [review]
proposal

You've definately found a but, but the patch doesn't actually solve it.

The correct code would be 

state.data = pOperationState;
state.len = ulOperationStatelen;

bob
Attachment #430533 - Flags: review?(rrelyea) → review-

Comment 4

8 years ago
Created attachment 434211 [details] [diff] [review]
Patch V 1

Bob :

 Can you please review this patch ?

Thanks,
Shailendra
Attachment #430533 - Attachment is obsolete: true
Attachment #434211 - Flags: review?(rrelyea)

Comment 5

8 years ago
Created attachment 434215 [details] [diff] [review]
Patch Version 2

Bob :

 Please ignore my earlier patch and requesting to review this new patch

Thanks,
Shailendra
Attachment #434211 - Attachment is obsolete: true
Attachment #434215 - Flags: review?(rrelyea)
Attachment #434211 - Flags: review?(rrelyea)

Comment 6

8 years ago
Comment on attachment 434215 [details] [diff] [review]
Patch Version 2

r+ do you need me to check it in?

bob
Attachment #434215 - Flags: review?(rrelyea) → review+
Bob, yes, Please checkin the patch(es) you reviewed for Timeless.

Comment 8

8 years ago
Checking in wrap.c;
/cvsroot/mozilla/security/nss/lib/ckfw/wrap.c,v  <--  wrap.c
new revision: 1.19; previous revision: 1.18
done

Thanks timeless and shailen!

bob
Status: ASSIGNED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.