Uninitialized memory read in nr_stun_server_ctx

RESOLVED FIXED in mozilla20

Status

defect
RESOLVED FIXED
7 years ago
7 years ago

People

(Reporter: ekr, Assigned: ekr)

Tracking

Trunk
mozilla20
x86
macOS

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [WebRTC] [nICEr] [qa-] [nICEr-upstream-needed])

Attachments

(1 attachment)

The offending code is here:


    if (clnt) {
        hmacPassword = &clnt->password;
    }
    else {
        hmacPassword = 0;
    }

However, hmacPassword is not used. This creates a UMR in valgrind, but I do not believe it has any security consequences. I marked it as "security" out of an abundance of caution.

Adam, Jesup, if you agree this is safe, can you unhide it?

Attachment #694981 - Flags: review?(rjesup)
Whiteboard: [WebRTC] [nICEr]
Attachment #694981 - Flags: review?(rjesup) → review+

I think a random-memory read (and no use of the value read) is not a security issue.

Group: core-security

I see the cows are well out of the barn on this one, but I agree that there is no security issue here.

https://hg.mozilla.org/mozilla-central/rev/495e435f86d9

Assignee: nobody → ekr
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla20
Whiteboard: [WebRTC] [nICEr] → [WebRTC] [nICEr] [qa-]
Whiteboard: [WebRTC] [nICEr] [qa-] → [WebRTC] [nICEr] [qa-] [nICEr-upstream-needed]