Closed
Bug 722496
Opened 12 years ago
Closed 12 years ago
JPakeCrypto.java potential null pointer dereferences
Categories
(Firefox for Android Graveyard :: Android Sync, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
mozilla13
People
(Reporter: dchanm+bugzilla, Assigned: nalexander)
References
Details
(Whiteboard: [qa-])
If secret.getBytes() fails, then y2 will be undefined and y1.modPow(y2, P); will throw an exception [1].
If MessageDigest.getInstance() or id.getBytes() fail, then an exception will be thrown at sha.digest() or BigIntegerHelper.ByteArrayToBigIntegerWithoutSign [2][3].
The code should abort / return error in these cases.
[1] - https://github.com/mozilla-services/android-sync/blob/master/src/main/java/org/mozilla/gecko/sync/jpake/JPakeCrypto.java#L153
[2] - https://github.com/mozilla-services/android-sync/blob/master/src/main/java/org/mozilla/gecko/sync/jpake/JPakeCrypto.java#L297
[3] - https://github.com/mozilla-services/android-sync/blob/master/src/main/java/org/mozilla/gecko/sync/jpake/BigIntegerHelper.java#L45
Comment 1•12 years ago
The parameter should not be a string, but a byte array. Whatever conversion from string to byte array that might be necessary should happen in the non-crypto code.
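An added example, not code from this bug or from android-sync: the failure pattern the description reports, beside a form that takes bytes as Comment 1 asks and aborts on failure. It assumes the original failures were caught and ignored; the class name, method names and modulus are hypothetical.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

// Added illustration; names are hypothetical, not taken from JPakeCrypto.java.
public class SwallowedFailureDemo {
  // Small constructed modulus for the demo only; not a real J-PAKE group parameter.
  static final BigInteger P = BigInteger.valueOf(2147483647L);

  // Reported pattern (assumed shape): the conversion failure is caught and ignored,
  // so y2 stays null and the crash surfaces later, at the first use of y2.
  static BigInteger fragile(BigInteger y1, String secret, String charset) {
    BigInteger y2 = null;
    try {
      y2 = new BigInteger(1, secret.getBytes(charset));
    } catch (java.io.UnsupportedEncodingException e) {
      e.printStackTrace(); // swallowed: execution continues with y2 == null
    }
    return y1.modPow(y2, P); // NullPointerException when y2 == null
  }

  // Hardened: the crypto code takes bytes and rejects bad input before any math.
  static BigInteger strict(BigInteger y1, byte[] secret) {
    if (y1 == null || secret == null || secret.length == 0) {
      throw new IllegalArgumentException("missing input");
    }
    return y1.modPow(new BigInteger(1, secret), P);
  }

  // A digest lookup failure propagates to the caller instead of leaving sha null.
  static BigInteger hashToInt(byte[] id, String algorithm) throws NoSuchAlgorithmException {
    if (id == null) throw new IllegalArgumentException("id is null");
    MessageDigest sha = MessageDigest.getInstance(algorithm);
    return new BigInteger(1, sha.digest(id));
  }

  public static void main(String[] args) throws Exception {
    BigInteger y1 = BigInteger.valueOf(5);
    // Constructed sample secret; the string-to-bytes conversion happens in the caller.
    byte[] secret = "constructed-secret".getBytes(StandardCharsets.UTF_8);
    System.out.println(strict(y1, secret));
    System.out.println(hashToInt("receiver".getBytes(StandardCharsets.UTF_8), "SHA-256"));
    try { hashToInt(secret, "NO-SUCH-ALG"); }
    catch (NoSuchAlgorithmException e) { System.out.println("aborted: " + e.getMessage()); }
    try { fragile(y1, "constructed-secret", "NO-SUCH-CHARSET"); }
    catch (NullPointerException e) { System.out.println("late NPE at modPow"); }
  }
}
```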
Updated•12 years ago
Assignee: nobody → nalexander
Priority: -- → P1
Comment 2•12 years ago
Fixed in develop: https://github.com/mozilla-services/android-sync/commit/7721c1c50f28113ddd0db235894175e317c41a41
Comment 3•12 years ago
https://hg.mozilla.org/mozilla-central/rev/1bfbf78359af
Target Milestone: --- → mozilla13
Updated•12 years ago
Whiteboard: [qa-]
Updated•11 years ago
Product: Mozilla Services → Android Background Services
Updated•7 years ago
Product: Android Background Services → Firefox for Android
Updated•3 years ago
Product: Firefox for Android → Firefox for Android Graveyard