Fix crash in tls13_DestroyKeyShares
https://bugzilla.mozilla.org/show_bug.cgi?id=1342358
This commit is contained in:
parent
1f164283dd
commit
558fa42039
|
@ -0,0 +1,55 @@
|
|||
# HG changeset patch
|
||||
# User Tim Taubert <ttaubert@mozilla.com>
|
||||
# Date 1488574640 -3600
|
||||
# Fri Mar 03 21:57:20 2017 +0100
|
||||
# Branch NSS_3_28_BRANCH
|
||||
# Node ID b8145d465ad4086439c4e52df434d9046949127a
|
||||
# Parent 3b9ccd6b37c7242f69404fa4a444b43efb12e319
|
||||
Bug 1342358 - Make sure xtnData->remoteKeyShares was initialized before calling tls13_DestroyKeyShares() r=franziskus
|
||||
|
||||
Differential Revision: https://nss-review.dev.mozaws.net/D234
|
||||
|
||||
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
|
||||
--- a/lib/ssl/ssl3con.c
|
||||
+++ b/lib/ssl/ssl3con.c
|
||||
@@ -13294,8 +13294,6 @@ ssl3_DestroySSL3Info(sslSocket *ss)
|
||||
tls13_DestroyEarlyData(&ss->ssl3.hs.bufferedEarlyData);
|
||||
|
||||
ss->ssl3.initialized = PR_FALSE;
|
||||
-
|
||||
- SECITEM_FreeItem(&ss->xtnData.nextProto, PR_FALSE);
|
||||
}
|
||||
|
||||
#define MAP_NULL(x) (((x) != 0) ? (x) : SEC_OID_NULL_CIPHER)
|
||||
diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
|
||||
--- a/lib/ssl/sslsock.c
|
||||
+++ b/lib/ssl/sslsock.c
|
||||
@@ -3704,6 +3704,7 @@ ssl_NewSocket(PRBool makeLocks, SSLProto
|
||||
PR_INIT_CLIST(&ss->ssl3.hs.lastMessageFlight);
|
||||
PR_INIT_CLIST(&ss->ssl3.hs.cipherSpecs);
|
||||
PR_INIT_CLIST(&ss->ssl3.hs.bufferedEarlyData);
|
||||
+ ssl3_InitExtensionData(&ss->xtnData);
|
||||
if (makeLocks) {
|
||||
rv = ssl_MakeLocks(ss);
|
||||
if (rv != SECSuccess)
|
||||
@@ -3715,7 +3716,6 @@ ssl_NewSocket(PRBool makeLocks, SSLProto
|
||||
rv = ssl3_InitGather(&ss->gs);
|
||||
if (rv != SECSuccess)
|
||||
goto loser;
|
||||
- ssl3_InitExtensionData(&ss->xtnData);
|
||||
return ss;
|
||||
|
||||
loser:
|
||||
diff --git a/lib/ssl/tls13con.c b/lib/ssl/tls13con.c
|
||||
--- a/lib/ssl/tls13con.c
|
||||
+++ b/lib/ssl/tls13con.c
|
||||
@@ -2853,6 +2853,9 @@ tls13_DestroyKeyShares(PRCList *list)
|
||||
{
|
||||
PRCList *cur_p;
|
||||
|
||||
+ /* The list must be initialized. */
|
||||
+ PORT_Assert(PR_LIST_HEAD(list));
|
||||
+
|
||||
while (!PR_CLIST_IS_EMPTY(list)) {
|
||||
cur_p = PR_LIST_TAIL(list);
|
||||
PR_REMOVE_LINK(cur_p);
|
8
nss.spec
8
nss.spec
|
@ -21,7 +21,7 @@ Name: nss
|
|||
Version: 3.28.3
|
||||
# for Rawhide, please always use release >= 2
|
||||
# for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
|
||||
Release: 1.0%{?dist}
|
||||
Release: 1.1%{?dist}
|
||||
License: MPLv2.0
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
|
@ -112,6 +112,8 @@ Patch58: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
|
|||
Patch59: nss-check-policy-file.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1280846
|
||||
Patch62: nss-skip-util-gtest.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1342358
|
||||
Patch63: nss-init-extension-data-early.patch
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
|
@ -195,6 +197,7 @@ low level services.
|
|||
pushd nss
|
||||
%patch59 -p1 -b .check_policy_file
|
||||
%patch62 -p0 -b .skip_util_gtest
|
||||
%patch63 -p1 -b .init_extension_data_early
|
||||
popd
|
||||
|
||||
#########################################################
|
||||
|
@ -803,6 +806,9 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Thu Mar 16 2017 Daiki Ueno <dueno@redhat.com> - 3.28.3-1.1
|
||||
- Fix crash in tls13_DestroyKeyShares
|
||||
|
||||
* Tue Feb 21 2017 Daiki Ueno <dueno@redhat.com> - 3.28.3-1.0
|
||||
- Rebase to NSS 3.28.3
|
||||
|
||||
|
|
Loading…
Reference in New Issue