RFR: 8330133: libj2pkcs11.so crashes on some pkcs#11 v3.0 libraries [v2]
Daniel Jeliński
djelinski at openjdk.org
Tue Apr 16 17:57:00 UTC 2024
On Tue, 16 Apr 2024 17:21:11 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> It is reported that some PKCS#11 library/vendor reports major version 3, but doesn't implement the C_GetInterface function and the resulting 'interface' variable value may be NULL and cause unexpected crash later.
>>
>> This PR would check the 'interface' variable value to be non-NULL.
>> Reproducing this would require certain 3rd party PKCS#11 library, and thus the noreg-hard label.
>>
>> Thanks~
>> FYI, I will be on vacation starting 4/17 and will address the review comments upon return.
>> Valerie
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>
> Removed pre-existing duplicate assignment.
Marked as reviewed by djelinski (Reviewer).
-------------
PR Review: https://git.openjdk.org/jdk/pull/18789#pullrequestreview-2004285005
More information about the security-dev
mailing list