Bug 1087031

Summary: nss.Certificate.check_ocsp_status segfaults
Product: [Fedora] Fedora Reporter: computerzerstoerer
Component: python-nssAssignee: John Dennis <jdennis>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: rawhideCC: jdennis
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: python-nss-0.15.0-1.fc20 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-05-02 18:38:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description computerzerstoerer 2014-04-13 08:57:13 UTC 
Steps to Reproduce:
1. Get an nss.Certificate object somehow
2. Invoke check_ocsp_status on that object

Actual results:
segfault

Expected results:
no segfault


Additional info:
The bug is in src/py_nss.c:9185

   9185     if (!PyArg_ParseTuple(args, "O&O&:check_ocsp_status",
   9186                           &CertDBType, &py_certdb,
   9187                           PRTimeConvert, &pr_time)) {

The format string expects two object arguments with converter functions. This works perfectly fine for the time argument: PyArg_ParseTuple invokes PRTimeConvert which then converts the time and writes it into pr_time. However, CertDBType is not a function, it's a PyTypeObject variable. PyArg_ParseTuple will then invoke the *data* and crash.

The fix is trivial:

9185c9185
<     if (!PyArg_ParseTuple(args, "O&O&:check_ocsp_status",
---
>     if (!PyArg_ParseTuple(args, "O!O&:check_ocsp_status",
Comment 1 John Dennis 2014-05-02 18:38:23 UTC 
Thank you for the bug report. Good catch. Clear explanation.

Fixed in rawhide, python-nss-0.15.0-2.fc21

Fixed in F20: python-nss-0.14.0-3.fc20
Comment 2 Fedora Update System 2014-06-10 23:11:14 UTC 
python-nss-0.15.0-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/python-nss-0.15.0-1.fc20
Comment 3 Fedora Update System 2014-06-15 01:54:13 UTC 
python-nss-0.15.0-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.