Hi, thank you for sending us this bug report with a patch!
Discussions about NSS are best sent to dev-tech-cry...@lists.mozilla.org. But I have filed a bug at <https://bugzilla.mozilla.org/show_bug.cgi?id=1630925> nevertheless. Cheers, Freddy Am 16.04.20 um 15:49 schrieb zhujianwei (C): > Hi , dev-security@lists.mozilla.org > > I found a bug in function NSS_CMSSignedData_GetSignerInfo, sigd->signerInfos > not judged !NULL before use. It cause core dump. > > NSSCMSSignerInfo * > NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i) > { > if (!sigd) { > PORT_SetError(SEC_ERROR_INVALID_ARGS); > return NULL; > } > return sigd->signerInfos[i]; > } > > > Signed-off-by: zhujianwei7 <zhujianw...@huawei.com> > --- > > diff -uNr nss/lib/smime/cmssigdata.c nss.fix/lib/smime/cmssigdata.c > --- nss/lib/smime/cmssigdata.c 2018-12-01 06:41:31.000000000 +0800 > +++ nss.fix/lib/smime/cmssigdata.c 2020-04-08 08:20:28.931050077 +0800 > @@ -476,7 +476,7 @@ > NSSCMSSignerInfo * > NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i) > { > - if (!sigd) { > + if (!sigd || !sigd->signerInfos) { > PORT_SetError(SEC_ERROR_INVALID_ARGS); > return NULL; > } > _______________________________________________ > dev-security mailing list > dev-security@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security > _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
