Closed Bug 95794 Opened 23 years ago Closed 23 years ago

Trying to verify cert chain on temporary certificates sometimes make nss crash

Categories

(NSS :: Libraries, defect, P1)

Product:
NSS
Component:
Libraries
Platform:
x86
Windows NT
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: rangansen, Assigned: rrelyea)

Details

This happened when I was trying to download the following certificate 
When it was in the process of getting downloaded [still not in the database]
calling 'CERT_VerifyCertNow' from nsNSSCertificate::GetUsageArray in PSM makes
nss crash. Here is the stack trace - 

FindSubjectList(CERTCertDBHandleStr * 0x00000000, SECItemStr * 0x04b076c0, int
0) line 2903 + 13 bytes
CERT_CreateSubjectCertList(CERTCertListStr * 0x04b514d8, CERTCertDBHandleStr *
0x00000000, SECItemStr * 0x04b076c0, __int64 997997246939000, int 1) line 7402 +
15 bytes
CERT_FindMatchingCert(CERTCertDBHandleStr * 0x00000000, SECItemStr * 0x04b076c0,
int 2, int 0, int 1, __int64 997997246939000, int 1) line 1191 + 27 bytes
CERT_FindCertIssuer(CERTCertificateStr * 0x04b07678, __int64 997997246939000,
int 0) line 375 + 40 bytes
CERT_VerifyCertChain(CERTCertDBHandleStr * 0x02f3d110, CERTCertificateStr *
0x04b07678, int 1, int 0, __int64 997997246939000, void * 0x00000000,
CERTVerifyLogStr * 0x00000000) line 670 + 21 bytes
CERT_VerifyCert(CERTCertDBHandleStr * 0x02f3d110, CERTCertificateStr *
0x04b07678, int 1, int 0, __int64 997997246939000, void * 0x00000000,
CERTVerifyLogStr * 0x00000000) line 1104 + 37 bytes
CERT_VerifyCertNow(CERTCertDBHandleStr * 0x02f3d110, CERTCertificateStr *
0x04b07678, int 1, int 0, void * 0x00000000) line 1145 + 35 bytes
nsNSSCertificate::GetUsageArray(char * 0x0247f5f4, unsigned int * 0x0012a3f0,
unsigned int * 0x0012a220, unsigned short * * 0x0012a228) line 1211 + 25 bytes
nsNSSCertificate::GetUsages(nsNSSCertificate * const 0x05d79250, unsigned int *
0x0012a3f0, unsigned int * 0x0012a400, unsigned short * * * 0x0012a410) line
1826 + 24 bytes

Its true that cert.dbHandle on this cert object would be null, but I trust that
in spite of that it should not make nss crash - maybe should return something
like 'failed to verify', or maybe use default db handle....
Assigned the bug to Bob.
Assignee: wtc → relyea

*** This bug has been marked as a duplicate of 87894 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
I don't understand why this is a duplicate of bug 87894.
I have to assume that Christopher Hoess made a mistake
in marking this bug as a duplicate and I am reopening
this bug.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
Should have been bug 95754, sorry about that.
Priority: -- → P1
Target Milestone: --- → 3.4
This is a coding error in PSM. if cert.dbhandle == NULL, then it means that the
cert has not been imported into the temp DB, but is a raw cert that's just been
decoded. Those certs can't be verified until they are imported. I'm leaving this
open for now, because the temp certdb goes away in NSS 3.4, so the current code
may be OK in the new environment.

bob
PSM is trying to verify a decoded but not loaded certificate.
Status: REOPENED → RESOLVED
Closed: 23 years ago23 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.