994869 - PK11_DigestOp should allow in=NULL inLen=0

Status: RESOLVED FIXED

(NSS :: Libraries, defect, P2)

Description

[Wan-Teh Chang]

Attachment: PK11_DigestOp should allow a zero-length input to be represented as a null pointer

In my fix for bug 276180, I added a null pointer check for the
|in| input buffer for PK11_DigestOp:
https://hg.mozilla.org/projects/nss/rev/135393275c21

It was intended to catch invalid input such as in=NULL inLen=8.
This check is overly strict because a zero-length input is
often represented as in=NULL inLen=0.

One way to relax this is to remove the null pointer check from
PK11_DigestOp. However, the info in bug 276180 shows the various
<hash>_Update functions in nss/lib/freebl may not check its
input, so it is less work to simply handle this in PK11_DigestOp.

Comment 1

[Wan-Teh Chang]

Comment on attachment 8404886 [details] [diff] [review]
PK11_DigestOp should allow a zero-length input to be represented as a null pointer

Patch checked in: https://hg.mozilla.org/projects/nss/rev/c1cf0ec78e13

Comment 2

[Robert Relyea]

Comment on attachment 8404886 [details] [diff] [review]
PK11_DigestOp should allow a zero-length input to be represented as a null pointer

Review of attachment 8404886 [details] [diff] [review]:
-----------------------------------------------------------------

The only possible issue is if we were depending on some side effect of calling the PKCS #11 module with a zero length. I don't think that's the case, however, so r+.