You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.
Curl_nss_md5sum/Curl_nss_sha256sum doesn't check the context pointer, which may be NULL.
Passing NULL pointer to PK11_DigestOp() will cause SIGSEGV if the input data is not empty.
The following code is from the master branch of nss
SECStatusPK11_DigestOp(PK11Context*context, constunsigned char*in, unsignedinLen)
{
CK_RVcrv=CKR_OK;
SECStatusrv=SECSuccess;
if (inLen==0) {
returnSECSuccess;
}
if (!in) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
returnSECFailure;
}
/* if we ran out of session, we need to restore our previously stored * state. */context->init=PR_FALSE;
... ...
I expected the following
curl/libcurl version
master branch. Maybe other branches also have this bug.
The text was updated successfully, but these errors were encountered:
Curl_nss_md5sum/Curl_nss_sha256sum doesn't check the context pointer, which may be NULL.
Passing NULL pointer to
PK11_DigestOp()
will cause SIGSEGV if the input data is not empty.The following code is from the master branch of nss
I expected the following
curl/libcurl version
master branch. Maybe other branches also have this bug.
The text was updated successfully, but these errors were encountered: