Closed Bug 78556 Opened 24 years ago Closed 24 years ago

Crash when viewing cert w/o a version entry

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: javi, Assigned: javi)

Details

Attachments

(1 file)

Patch to fix crashing bug.
802 bytes, patch
Details | Diff | Splinter Review
The version field in a certificate is optional. If the user tries to view a certificate that does not have the version field set, the browser crashes in the depths of PSM 2. Patch coming shortly.
thayes,ddrinan: review please.
r=ddrinan.
So by adding this check does it mean that SEC_ASN1DecodeInteger() in GetIntValue() is crashing? Can't we beef that up instead? It seems odd to check a member before passing it into the function because the function can't handle it.
SEC_ASN1DecodeInteger is an NSS function, we can file a separate bug against NSS, but even then we'd have to pick up a new version of NSS for us to get this fix. We could push the test into GetIntValue and add logic to ProcessVersion to deal with the bad output.
Open a bug to mark that NSS should be fixed with a reminder to come back and fix this code* and you have have a bright shiny sr=blizzard. * Am I anal or what?
Fix checked in
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Verified per javi's comment.
Status: RESOLVED → VERIFIED
Product: PSM → Core
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: