Bug 1460016 - PK11Store.getEncryptedPrivateKeyInfo() segfault if export fails
PK11Store.getEncryptedPrivateKeyInfo() segfault if export fails
Status: MODIFIED
Product: Fedora
Classification: Fedora
Component: jss (Show other bugs)
27
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Fraser Tweedale
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 1460019
  Show dependency treegraph
 
Reported: 2017-06-08 16:44 EDT by Matthew Harmsen
Modified: 2017-09-12 11:33 EDT (History)
7 users (show)

See Also:
Fixed In Version: jss-4.4.2-5.fc27
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1460019 (view as bug list)
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Mozilla Foundation 1371147 None None None 2017-06-08 16:44 EDT

  None (edit)
Description Matthew Harmsen 2017-06-08 16:44:40 EDT
PK11Store.getEncryptedPrivateKeyInfo() segfaults if export fails

Steps to reproduce:

    Use PK11Store.getEncryptedPrivateKeyInfo() with Thales nethsm.

Actual results:

    PK11_ExportEncryptedPrivKeyInfo returning NULL is not being handled
    properly, causing segfault.


Expected results:

    Detect this condition and raise a
    TokenException instead.

Additional Information:

    Patch is attached to upstream bug
    https://bugzilla.mozilla.org/show_bug.cgi?id=1371147
Comment 1 Jan Kurik 2017-08-15 04:17:05 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 27 development cycle.
Changing version to '27'.
Comment 2 Matthew Harmsen 2017-09-08 17:41:24 EDT
Upstream Check-in:

cfu checked-in the following changes provided by ftweedal:

changeset:   2204:87dca07f7529
tag:         tip
user:        Fraser Tweedale<ftweedale@redhat.com>
date:        Fri Sep 08 11:56:04 2017 -0700
summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -

changeset:   2203:b3b653faef84
user:        Fraser Tweedale<ftweedale@redhat.com>
date:        Fri Sep 08 11:53:36 2017 -0700
summary:     bug 1370778 PBE and padded block cipher enhancements and fixes -

changeset:   2202:0b8a6e84b6c7
user:        Fraser Tweedale<ftweedale@redhat.com>
date:        Fri Sep 08 11:50:21 2017 -0700
summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -

changeset:   2201:d39e9b373798
user:        Fraser Tweedale<ftweedale@redhat.com>
date:        Fri Sep 08 11:32:32 2017 -0700
summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -

changeset:   2200:890216599f21
user:        Fraser Tweedale<ftweedale@redhat.com>
date:        Fri Sep 08 11:21:22 2017 -0700
summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -

changeset:   2199:bada1409d2bb
user:        Fraser Tweedale<ftweedale@redhat.com>
date:        Fri Sep 08 11:15:29 2017 -0700
summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -

changeset:   2198:3629b598a9ce
user:        Fraser Tweedale<ftweedale@redhat.com>
date:        Fri Sep 08 11:09:23 2017 -0700
summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -
Comment 3 Matthew Harmsen 2017-09-11 14:59:19 EDT
(In reply to Matthew Harmsen from comment #2)
> Upstream Check-in:
> 
> cfu checked-in the following changes provided by ftweedal:
> 
> changeset:   2204:87dca07f7529
> tag:         tip
> user:        Fraser Tweedale<ftweedale@redhat.com>
> date:        Fri Sep 08 11:56:04 2017 -0700
> summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -
> 
> changeset:   2203:b3b653faef84
> user:        Fraser Tweedale<ftweedale@redhat.com>
> date:        Fri Sep 08 11:53:36 2017 -0700
> summary:     bug 1370778 PBE and padded block cipher enhancements and fixes -
> 
> changeset:   2202:0b8a6e84b6c7
> user:        Fraser Tweedale<ftweedale@redhat.com>
> date:        Fri Sep 08 11:50:21 2017 -0700
> summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -
> 
> changeset:   2201:d39e9b373798
> user:        Fraser Tweedale<ftweedale@redhat.com>
> date:        Fri Sep 08 11:32:32 2017 -0700
> summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -
> 
> changeset:   2200:890216599f21
> user:        Fraser Tweedale<ftweedale@redhat.com>
> date:        Fri Sep 08 11:21:22 2017 -0700
> summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -
> 
> changeset:   2199:bada1409d2bb
> user:        Fraser Tweedale<ftweedale@redhat.com>
> date:        Fri Sep 08 11:15:29 2017 -0700
> summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -
> 
> changeset:   2198:3629b598a9ce
> user:        Fraser Tweedale<ftweedale@redhat.com>
> date:        Fri Sep 08 11:09:23 2017 -0700
> summary:     Bug 1370778 PBE and padded block cipher enhancements and fixes -

INCORRECT CHECK-IN MESSAGE -- these are for https://bugzilla.redhat.com/show_bug.cgi?id=1490489
Comment 4 Matthew Harmsen 2017-09-11 20:46:38 EDT
cfu checked-in ftweedal's patch:

changeset:   2205:3e9a5ae2149d
tag:         tip
user:        Fraser Tweedale<ftweedale@redhat.com>
date:        Mon Sep 11 17:24:22 2017 -0700
summary:     Bug 1371147 PK11Store.getEncryptedPrivateKeyInfo() segfault if export fails -

Note You need to log in before you can comment on or make changes to this bug.