Wan-Teh Chang wrote: > > Thank you for providing the detailed debug information. Now > it's obvious why we crash in pk11_CollectCrls. I opened bug > 156801 (http://bugzilla.mozilla.org/show_bug.cgi?id=156801) > for this problem. This one is easy to fix. > > It's not clear why CERT_DecodeDERCrl returns a NULL pointer on > decoding a v2 CRL with no revoked certificates in it. Such a > CRL should be legal, so this seems like a bug. I opened > bug 156802 (http://bugzilla.mozilla.org/show_bug.cgi?id=156802) > for this problem.
Both of these bugs have been fixed on the tip of NSS, which is not being used by the Mozilla client. Mr. List, if you know how to build the Mozilla client from sources, you can apply the patches and test them. (We can also ship you the NSS DLLs with the fixes.) We plan to update the NSS used by the Mozilla client in early September. Please let us know if you need these fixes sooner. Wan-Teh
