RFR: 8330133: libj2pkcs11.so crashes on some pkcs#11 v3.0 libraries
Valerie Peng
valeriep at openjdk.org
Tue Apr 16 17:05:00 UTC 2024
On Tue, 16 Apr 2024 05:59:55 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> It is reported that some PKCS#11 library/vendor reports major version 3, but doesn't implement the C_GetInterface function and the resulting 'interface' variable value may be NULL and cause unexpected crash later.
>>
>> This PR would check the 'interface' variable value to be non-NULL.
>> Reproducing this would require certain 3rd party PKCS#11 library, and thus the noreg-hard label.
>>
>> Thanks~
>> FYI, I will be on vacation starting 4/17 and will address the review comments upon return.
>> Valerie
>
> src/jdk.crypto.cryptoki/unix/native/libj2pkcs11/p11_md.c line 221:
>
>> 219: goto cleanup;
>> 220: }
>> 221: if (((CK_VERSION *)moduleData->ckFunctionListPtr)->major == 3 &&
>
> (preexisting) you could remove the assignment in line 214 above
Yes, thanks for the comment.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18789#discussion_r1567693006
More information about the security-dev
mailing list