Closed
Bug 982778
Opened 11 years ago
Closed 11 years ago
mozilla::pkix::der::AlgorithmIdentifier leaves parameters of output value uninitialized
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla31
People
(Reporter: st3fan, Assigned: briansmith)
References
Details
Attachments
(1 file)
|
1.05 KB,
patch
|
keeler
:
review+
|
Details | Diff | Splinter Review |
The AlgorithmIdentifierNoParams test fails because algorithmID.parameters.len is not initialized.
The der::AlgorithmIdentifier() ignores the parameters (is that correct? are those never used in certificates?) so even though it then correctly sets algorithmID.algorithm, it leaves algorithmID.parameters alone, which means the parameters contain junk value.
Since this is passed to NSS at some point, I think the algorithmID.parameters should be initialized to zero or whatever is appropriate for NSS.
|
Reporter | |
Comment 1•11 years ago
|
||
The AlgorithmIdentifierNullParams test is failing for the same reason.
|
Assignee | |
Comment 2•11 years ago
|
||
Thanks. I think this is definitely a bug that needs to be fixed ASAP.
Regarding whether the parameters should be ignored or not: let's see what NSS's processing does.
|
|
Assignee | |
Updated•11 years ago
|
Assignee: nobody → brian
OS: Mac OS X → All
Hardware: x86 → All
Summary: Test failure for insanity::pkixder AlgorithmIdentifierNoParams → Test failure for insanity::der::AlgorithmIdentifier leaves parameters of output value uninitialized
|
|
Assignee | |
Updated•11 years ago
|
Summary: Test failure for insanity::der::AlgorithmIdentifier leaves parameters of output value uninitialized → insanity::der::AlgorithmIdentifier leaves parameters of output value uninitialized
|
|
Assignee | |
Comment 3•11 years ago
|
||
Attachment #8391556 -
Flags: review?(dkeeler)
|
|
Assignee | |
Comment 4•11 years ago
|
||
AlgorithmIdentifierNoParams The test is in bug 968490, cases AlgorithmIdentifierNullParams.
Target Milestone: --- → mozilla30
|
|
||
Comment 5•11 years ago
|
||
Comment on attachment 8391556 [details] [diff] [review]
fix-uninitialized-output.patch
Review of attachment 8391556 [details] [diff] [review]:
-----------------------------------------------------------------
LGTM.
Attachment #8391556 -
Flags: review?(dkeeler) → review+
|
|
||
Updated•11 years ago
|
Summary: insanity::der::AlgorithmIdentifier leaves parameters of output value uninitialized → mozilla::pkix::der::AlgorithmIdentifier leaves parameters of output value uninitialized
|
|
||
Comment 6•11 years ago
|
||
I rebased this after the big rename and pushed to inbound:
https://hg.mozilla.org/integration/mozilla-inbound/rev/08032b8280c6
|
|
||
Updated•11 years ago
|
Target Milestone: mozilla30 → mozilla31
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•