external/nss/ubsan.patch.0 |    9 +++++++++
 1 file changed, 9 insertions(+)

New commits:
commit a5d3a3446832a7761584a00f7d2bc76ee713eb64
Author:     Stephan Bergmann <sberg...@redhat.com>
AuthorDate: Wed Nov 3 22:13:42 2021 +0100
Commit:     Stephan Bergmann <sberg...@redhat.com>
CommitDate: Wed Nov 3 23:17:55 2021 +0100

    external/nss: Silence invalid-null-argument
    
    ...that happens now with --with-webdav=curl,
    
    > libc.c:107:21: runtime error: null pointer passed as argument 1, which is declared to never be null
    > /usr/include/string.h:65:33: note: nonnull attribute specified here
    >  #0 in nsslibc_memequal at workdir/UnpackedTarball/nss/nss/lib/base/libc.c:107:14 (instdir/program/libnss3.so +0x68cdb7)
    >  #1 in nssItem_Equal at workdir/UnpackedTarball/nss/nss/lib/base/item.c:185:12 (instdir/program/libnss3.so +0x68f59c)
    >  #2 in find_object_in_collection at workdir/UnpackedTarball/nss/nss/lib/pki/pkibase.c:714:18 (instdir/program/libnss3.so +0x63a72c)
    > [...]
    >  #49 in (anonymous namespace)::UpdateCheckThread::run() at extensions/source/update/check/updatecheck.cxx:534:48 (instdir/program/../program/libupdchklo.so +0x2235de)
    >  #50 in threadFunc at include/osl/thread.hxx:189:15 (instdir/program/../program/libupdchklo.so +0x251c74)
    >  #51 in osl_thread_start_Impl(void*) at sal/osl/unx/thread.cxx:264:9 (instdir/program/libuno_sal.so.3 +0x65689f)
    
    The topmost nsslibc_memequal itself appears to be modeled after memcmp and not
    be intended to be called with null pointer arguments even if the size argument
    is zero, see its leading
    
      #ifdef NSSDEBUG
          if ((((void *)NULL == a) || ((void *)NULL == b))) {
              nss_SetError(NSS_ERROR_INVALID_POINTER);
              if ((PRStatus *)NULL != statusOpt) {
                  *statusOpt = PR_FAILURE;
              }
              return PR_FALSE;
          }
      #endif /* NSSDEBUG */
    
    in workdir/UnpackedTarball/nss/nss/lib/base/libc.c, so rather put the check for
    zero into the calling code in nssItem_Equal.  However, it is unclear to
    me whether one->data can legitimately be null there (and the patch is thus
    correct) or not (and the patch would thus silence a bug elsewhere; esp. given
    that nsslibc_memequal would return false instead of true in this case when
    compiled with NSSDEBUG.)
    
    Change-Id: Ie7556283cda500130dfcd1cfd315294277573b7c
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124663
    Tested-by: Jenkins
    Reviewed-by: Stephan Bergmann <sberg...@redhat.com>

diff --git a/external/nss/ubsan.patch.0 b/external/nss/ubsan.patch.0
index 059a9f3b2c0a..2c32d90b00ce 100644
--- a/external/nss/ubsan.patch.0
+++ b/external/nss/ubsan.patch.0
@@ -1,3 +1,12 @@
+--- nss/lib/base/item.c
++++ nss/lib/base/item.c
+@@ -182,5 +182,5 @@
+         return PR_FALSE;
+     }
+ 
+-    return nsslibc_memequal(one->data, two->data, one->size, statusOpt);
++    return one->size == 0 || nsslibc_memequal(one->data, two->data, 
one->size, statusOpt);
+ }
 --- nss/lib/softoken/legacydb/pk11db.c
 +++ nss/lib/softoken/legacydb/pk11db.c
 @@ -65,7 +65,7 @@
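
Review bot: On the changed return in nss/lib/base/item.c, the new `one->size == 0 ||` short-circuit returns true without calling nsslibc_memequal, so nothing on that path writes through statusOpt and two->data is never inspected. The commit message notes that under NSSDEBUG the callee would return PR_FALSE for a null pointer, so for a zero-size item with a null data pointer the result now differs from what an NSSDEBUG build returned before this patch. Please confirm that *statusOpt is already set before this return is reached (the visible context does not show it), and add a comment to the patch recording whether a zero-size item is allowed to carry a null data pointer, so the sanitizer silence is not mistaken for a verified fix.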
