Bug#780801: iceweasel: null pointer dereference in SSLServerCertVerification.cpp
Jakub Wilk
jwilk at debian.org
Thu Mar 19 16:35:57 UTC 2015
Package: iceweasel
Version: 36.0.1-2

Iceweasel crashes with segmentation fault on https://mentors.debian.net/.
GDB says it's a null pointer dereference:

(gdb) up 5
#5 0xf44d410c in GatherEKUTelemetry (certList=...) at /build/iceweasel-xyTURW/iceweasel-36.0.1/security/manager/ssl/src/SSLServerCertVerification.cpp:993
993 for (size_t i = 0; endEntityCert->extensions[i]; i++) {
(gdb) print endEntityCert->extensions
$1 = (CERTCertExtension **) 0x0
(gdb) bt
#0 0xf7783425 in __kernel_vsyscall ()
#1 0xf7758bb6 in raise (sig=11) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:37
#2 0xf4574f79 in nsProfileLock::FatalSignalHandler (signo=11, info=0xe7ffcbec, context=0xe7ffcbec) at /build/iceweasel-xyTURW/iceweasel-36.0.1/profile/dirserviceprovider/nsProfileLock.cpp:180
#3 0xf48c1dd5 in AsmJSFaultHandler (signum=11, info=0xe7ffccbc, context=0xe7ffcd3c) at /build/iceweasel-xyTURW/iceweasel-36.0.1/js/src/asmjs/AsmJSSignalHandlers.cpp:907
#4 <signal handler called>
#5 0xf44d410c in GatherEKUTelemetry (certList=...) at /build/iceweasel-xyTURW/iceweasel-36.0.1/security/manager/ssl/src/SSLServerCertVerification.cpp:993
#6 GatherSuccessfulValidationTelemetry (certList=...) at /build/iceweasel-xyTURW/iceweasel-36.0.1/security/manager/ssl/src/SSLServerCertVerification.cpp:1063
#7 mozilla::psm::(anonymous namespace)::AuthCertificate (certVerifier=..., infoObject=0xdc980d50, cert=0x0, peerCertChain=..., stapledOCSPResponse=0x0, providerFlags=0, time=...) at /build/iceweasel-xyTURW/iceweasel-36.0.1/security/manager/ssl/src/SSLServerCertVerification.cpp:1122
#8 0xf44d43de in mozilla::psm::(anonymous namespace)::SSLServerCertVerificationJob::Run (this=0xdc894c00) at /build/iceweasel-xyTURW/iceweasel-36.0.1/security/manager/ssl/src/SSLServerCertVerification.cpp:1243
#9 0xf300f55a in nsThreadPool::Run (this=0xef2176a0) at /build/iceweasel-xyTURW/iceweasel-36.0.1/xpcom/threads/nsThreadPool.cpp:220
#10 0xf3010258 in nsThread::ProcessNextEvent (this=0xea7f58d0, aMayWait=false, aResult=0xe7ffd1fb) at /build/iceweasel-xyTURW/iceweasel-36.0.1/xpcom/threads/nsThread.cpp:830
#11 0xf30236bc in NS_ProcessNextEvent (aThread=<optimized out>, aMayWait=false) at /build/iceweasel-xyTURW/iceweasel-36.0.1/xpcom/glue/nsThreadUtils.cpp:265
#12 0xf31f037a in mozilla::ipc::MessagePumpForNonMainThreads::Run (this=0xe90eab50, aDelegate=0xea7f8fa0) at /build/iceweasel-xyTURW/iceweasel-36.0.1/ipc/glue/MessagePump.cpp:339
#13 0xf31e4764 in MessageLoop::RunInternal (this=0xea7f8fa0) at /build/iceweasel-xyTURW/iceweasel-36.0.1/ipc/chromium/src/base/message_loop.cc:233
#14 0xf31e48b2 in RunHandler (this=0xea7f8fa0) at /build/iceweasel-xyTURW/iceweasel-36.0.1/ipc/chromium/src/base/message_loop.cc:226
#15 MessageLoop::Run (this=0xea7f8fa0) at /build/iceweasel-xyTURW/iceweasel-36.0.1/ipc/chromium/src/base/message_loop.cc:200
#16 0xf3010ffc in nsThread::ThreadFunc (aArg=0xea7f58d0) at /build/iceweasel-xyTURW/iceweasel-36.0.1/xpcom/threads/nsThread.cpp:350
#17 0xf7390ba5 in _pt_root (arg=0xea4d29c0) at ptthread.c:212
#18 0xf7750efb in start_thread (arg=0xe7ffdb40) at pthread_create.c:309
#19 0xf74b562e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:129
-- System Information:
Debian Release: 8.0
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages iceweasel depends on:
ii debianutils 4.4+b1
ii fontconfig 2.11.0-6.3
ii libasound2 1.0.28-1
ii libatk1.0-0 2.14.0-1
ii libc6 2.19-17
ii libcairo2 1.14.0-2.1
ii libdbus-1-3 1.8.16-1
ii libdbus-glib-1-2 0.102-1
ii libevent-2.0-5 2.0.21-stable-2
ii libffi6 3.1-2+b2
ii libfontconfig1 2.11.0-6.3
ii libfreetype6 2.5.2-4
ii libgcc1 1:5-20150316-1
ii libgdk-pixbuf2.0-0 2.31.1-2+b1
ii libglib2.0-0 2.42.1-1
ii libgtk2.0-0 2.24.25-3
ii libhunspell-1.3-0 1.3.3-3
ii libnspr4 2:4.10.7-1
ii libnss3 2:3.17.2-1.1
ii libpango-1.0-0 1.36.8-3
ii libsqlite3-0 3.8.7.4-1
ii libstartup-notification0 0.12-4
ii libstdc++6 5-20150316-1
ii libvpx1 1.3.0-3
ii libx11-6 2:1.6.2-3
ii libxcomposite1 1:0.4.4-1
ii libxdamage1 1:1.1.4-2+b1
ii libxext6 2:1.3.3-1
ii libxfixes3 1:5.0.1-2+b2
ii libxrender1 1:0.9.8-1+b1
ii libxt6 1:1.1.4-1+b1
ii procps 2:3.3.9-9
ii zlib1g 1:1.2.8.dfsg-2+b1
--
Jakub Wilk
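
Added example, not part of the original report and not Mozilla's or Debian's code: the loop shape from line 993, looking for the EKU extension, with a guard for a certificate whose extension list is NULL, which is the state gdb printed above. The Cert and CertExtension structs, FindEkuExtension and the sample certificates are simplified, constructed stand-ins, not the NSS definitions.

```cpp
#include <cstddef>
#include <cstring>

// Simplified stand-ins for the NSS certificate types (assumption: only the
// fields this example needs; these are not the real NSS definitions).
struct CertExtension {
    const unsigned char* oid;   // DER-encoded extension OID
    std::size_t oidLen;
};
struct Cert {
    CertExtension** extensions; // NULL-terminated array, or NULL when the
                                // certificate carries no extensions at all
};

// id-ce-extKeyUsage, OID 2.5.29.37, DER content bytes.
static const unsigned char kEkuOid[] = {0x55, 0x1d, 0x25};

// Hardened lookup: returns the EKU extension, or nullptr if the certificate
// is missing, has no extension list, or has a list without EKU.
const CertExtension* FindEkuExtension(const Cert* cert) {
    if (!cert || !cert->extensions) {
        return nullptr;         // extensions == NULL is what gdb printed
    }
    for (std::size_t i = 0; cert->extensions[i]; i++) {
        const CertExtension* ext = cert->extensions[i];
        if (ext->oid && ext->oidLen == sizeof(kEkuOid) &&
            std::memcmp(ext->oid, kEkuOid, sizeof(kEkuOid)) == 0) {
            return ext;
        }
    }
    return nullptr;
}

// Constructed sample certificates covering the three shapes of input.
static const unsigned char kBasicConstraintsOid[] = {0x55, 0x1d, 0x13};
static CertExtension gBc  = {kBasicConstraintsOid, sizeof(kBasicConstraintsOid)};
static CertExtension gEku = {kEkuOid, sizeof(kEkuOid)};
static CertExtension* gWithEku[]    = {&gBc, &gEku, nullptr};
static CertExtension* gWithoutEku[] = {&gBc, nullptr};
static Cert gCertNoExtensions = {nullptr};   // mirrors `extensions = 0x0`
static Cert gCertWithEku      = {gWithEku};
static Cert gCertWithoutEku   = {gWithoutEku};

int main() {
    // Exit status 0 when all three shapes are handled without a NULL deref.
    return (FindEkuExtension(&gCertNoExtensions) == nullptr &&
            FindEkuExtension(&gCertWithEku) == &gEku &&
            FindEkuExtension(&gCertWithoutEku) == nullptr) ? 0 : 1;
}
```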