Closed
Bug 1227090
Opened 10 years ago
Closed 6 years ago
[Static Analysis][Division by zero] Function makePfromQandSeed from lib/freebl/pqg.c could lead to a division by 0
Categories
(NSS :: Libraries, defect, P3)
NSS
Libraries
Tracking
(firefox45 affected)
RESOLVED
FIXED
3.45
| Tracking | Status | |
|---|---|---|
| firefox45 | --- | affected |
People
(Reporter: andi, Assigned: andi)
References
(Blocks 1 open bug)
Details
(Keywords: clang-analyzer, good-first-bug)
Attachments
(1 file, 4 obsolete files)
The Static Analysis tool Scan-Build added that variable outlen from makePfromQandSeed could lead to a division by 0 if HASH_ResultLen gets called with improper parameters.
|
Assignee | |
Comment 1•10 years ago
|
||
|
|
Assignee | |
Updated•10 years ago
|
Summary: [Static Analysis][Logic error] Function makePfromQandSeed from security/nss/lib/freebl/pqg.c could lead to a division by 0 → [Static Analysis][Division by zero] Function makePfromQandSeed from security/nss/lib/freebl/pqg.c could lead to a division by 0
|
|
Assignee | |
Comment 2•10 years ago
|
||
Updated previous path in order to log the error with invalid argument function call.
|
||
Updated•10 years ago
|
Component: Security → Libraries
Product: Core → NSS
Version: Trunk → trunk
|
|
Assignee | |
Updated•9 years ago
|
Blocks: clang-based-analysis
Keywords: clang-analyzer
|
|
Assignee | |
Comment 3•9 years ago
|
||
Hello Robert,
Could you please take a look other this patch?
THX
Attachment #8690780 -
Attachment is obsolete: true
Attachment #8690782 -
Attachment is obsolete: true
Attachment #8696423 -
Flags: review?(rrelyea)
|
||
Updated•8 years ago
|
Keywords: good-first-bug
Priority: -- → P3
Summary: [Static Analysis][Division by zero] Function makePfromQandSeed from security/nss/lib/freebl/pqg.c could lead to a division by 0 → [Static Analysis][Division by zero] Function makePfromQandSeed from lib/freebl/pqg.c could lead to a division by 0
|
|
||
Comment 4•8 years ago
|
||
Comment on attachment 8696423 [details] [diff] [review]
Bug 1227090.diff
Review of attachment 8696423 [details] [diff] [review]:
-----------------------------------------------------------------
::: security/nss/lib/freebl/pqg.c
@@ +1009,5 @@
> CHECK_MPI_OK( mp_init(&V_n) );
>
> hashlen = HASH_ResultLen(hashtype);
> outlen = hashlen*PR_BITS_PER_BYTE;
> + if (outlen <= 0)
This should rather be an assertion. There's no way that `makePfromQandSeed()` is passed an invalid hash type.
Attachment #8696423 -
Flags: review?(rrelyea) → review-
|
|
Assignee | |
Comment 5•8 years ago
|
||
Attachment #8907539 -
Flags: review?(ttaubert)
|
|
Assignee | |
Updated•8 years ago
|
Attachment #8696423 -
Attachment is obsolete: true
|
||
Comment 6•6 years ago
|
||
:andi Tim is gone, maybe ask some else to review these?
Flags: needinfo?(bpostelnicu)
QA Contact: jjones
|
|
Assignee | |
Comment 7•6 years ago
|
||
|
|
Assignee | |
Updated•6 years ago
|
Attachment #8907539 -
Attachment is obsolete: true
Flags: needinfo?(bpostelnicu)
Attachment #8907539 -
Flags: review?(ttaubert)
|
|
Assignee | |
Updated•6 years ago
|
Keywords: checkin-needed
|
||
Comment 8•6 years ago
|
||
|
|
||
Comment 9•6 years ago
|
||
Status: NEW → RESOLVED
Closed: 6 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → 3.45
You need to log in
before you can comment on or make changes to this bug.
Description
•