Hallo!
Sorry, my debugger isn't idiot proofed.
The problem are at least at the functions pk11_CollectCrls and
CERT_DecodeDERCrl.
CERT_DecodeDERCrl returns a NULL Pointer on decoding a v2 CRL with no
revoked certificates in it.
pk11_CollectCrls:
static SECStatus
pk11_CollectCrls(PK11SlotInfo *slot, CK_OBJECT_HANDLE crlID, void *arg)
{
SECItem derCrl;
CERTCrlHeadNode *head = (CERTCrlHeadNode *) arg;
CERTCrlNode *new_node = NULL;
CK_ATTRIBUTE fetchCrl[3] = {
{ CKA_VALUE, NULL, 0},
{ CKA_NETSCAPE_KRL, NULL, 0},
{ CKA_NETSCAPE_URL, NULL, 0},
};
const int fetchCrlSize = sizeof(fetchCrl)/sizeof(fetchCrl[2]);
SECStatus rv;
rv = PK11_GetAttributes(head->arena,slot,crlID,fetchCrl,fetchCrlSize);
if (rv == SECFailure) {
goto loser;
}
rv = SECFailure;
new_node = (CERTCrlNode *)PORT_ArenaAlloc(head->arena,
sizeof(CERTCrlNode));
if (new_node == NULL) {
goto loser;
}
new_node->type = *((CK_BBOOL *)fetchCrl[1].pValue) ?
SEC_KRL_TYPE : SEC_CRL_TYPE;
derCrl.data = (unsigned char *)fetchCrl[0].pValue;
derCrl.len = fetchCrl[0].ulValueLen;
new_node->crl=CERT_DecodeDERCrl(head->arena,&derCrl,new_node->type);
<== CERT_DecodeDERCrl returns NULL
if (fetchCrl[2].pValue) {
int nnlen = fetchCrl[2].ulValueLen;
new_node->crl->url = (char *)PORT_ArenaAlloc(head->arena, nnlen+1);
<== new_node->crl==NULL
=> Access Violation on dereferencing new_node->crl->url
For the CA certificates and the CRLs look at the attached file.
Thank You
Robert List
"Wan-Teh Chang" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Robert List wrote:
> >
> > Access violation - code c0000005 (first chance)
> > eax=028fde80 ebx=61126e8a ecx=028fcf68 edx=00000000 esi=0012f0fc
edi=0012ef64
> > eip=03050071 esp=0012ee18 ebp=0012ee5c iopl=0 nv up ei pl nz na
po nc
> > cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000
efl=00010206
> > *** WARNING: Unable to verify checksum for
C:\Programme\mozilla.org\Mozilla\nss3.dll
> > nss3!PK11_LookupCrls+1bc:
> > 03050071 8982a8000000 mov [edx+0xa8],eax
ds:0023:000000a8=????????
> >
> > # ChildEBP RetAddr Args to Child
> > 00 0012ee5c 0304fded 026f4428 0000000b 028fccf0
nss3!PK11_LookupCrls+0x1bc
> > 01 0012ee80 0305019a 026f4428 0012eeb4 020e51f0
nss3!PK11_TraverseSlot+0x84
> > 02 0012ee9c 0304ff5c 0304fd69 0012eeb4 00000000
nss3!PK11_LookupCrls+0x2e5
> > 03 0012eee4 03071751 028fccf0 ffffffff 00000000
nss3!PK11_LookupCrls+0xa7
> > 04 0012ef04 60a319a4 026871a0 0012ef24 ffffffff nss3!SEC_LookupCrls+0x7e
>
> Robert, I am having a hard time deciphering this stack. I don't
> know what the hexadecimal numbers after the function names mean
> (for example, the 0x1bc in PK11_LookupCrls+0x1bc). This stack
> seems to imply that PK11_LookupCrls calls itself, which contradicts
> the source code. So I think those hexadecimal numbers are important
> to understanding this stack.
>
> Could you drop in our debug DLLs
>
(ftp://ftp.mozilla.org/pub/security/nss/releases/NSS_3_4_2_RTM/WIN954.0_DBG.
OBJ/)
> into Mozilla 1.0 and see if you can get a stack trace with file names
> line numbers from the MSVC debugger?
>
> Thanks,
> Wan-Teh
>
begin 666 certs.zip
M4$L#!!0``@`(`,-3Y"RXT@4?W@(``'$#```,````;E%U86PM,#$N8V5R,VAB
MSC5H8@I=P,S$R,3$Q.)NP,O&J=7FT?:=EY&1E97!(-Z0VX"3C3F4A4V8R3'$
M4," #\3A$F9WU TI*BTN,90SD &)< N+0D5T0U*!1%Y@:6*.KH$A3)X9A[R!
MG#@O4)61@9F!I0$01 &Y)DA<VCN@B5$)V=.,K S,38S\#$!Q+J8F1D:&3X=^
M66ZX&&MW\H"-SW66[L]?)1*G'DCB9>\]PE4_]\CC_Z^L"A2OM*EMB*AD8=C[
M=YMTU+W5O'JWYW!7O-I[94IUQG9EQ25NI6S_KEKOR#AB/-WZC^3*94H+?H4\
MV;5WVX4O+R8&G]1:&L1L<K*=QZ\@959NY><W%V8VE"R:>^B'_U>7^5=#;G!>
MEN.?O&"&],$;,7RO9&3K"A:%^.KQ^!SDL"L^J2E9LV&BMK-^CNB[/<\:GS3+
MS=JNPGMV?1[GI)!HAWD6__[L"O4]9JB@Y66SLOITH.*!]=X'#5WF%2UH$U_[
MYN;#*P\N6N=RL*DV3Q XH'OZA')T9]WL\UN_[LM_<'+'C-13Y3NYW$^Q)3,Q
M,S(P+C8&AA0_,!QEA1D9_[.P&C #*0-!D `?"Q<+AT/9;ND?$9N2#;A!0OPL
M+,#TQ(:6EIA!H>ES=GGA5>:E?$=+?RY;TO'G]/G"E_6"T:[S>F9<>+_"^=LJ
M;[<M6KE++(IYJS_WQ*ZSJ>B[E;KK1.CQPK[^U&"FO_P"#9)+GF_<9L![[>^#
M75><VR)Z]W78[5/L*!(5EK01<M#[/ZLY(2_IK](97=TSF=7\M24+7LTZQ<JF
MND21J_H1PR.AN-M_KN\\([8OV$HWO_CB[SO?"F.7O:C?T\SILXJEK-KRX'F7
MO?TWNC<N7Y)XX)__*M&)=ZTM+IN&,,T6G,)@8[6"Q4?UE)O2@?KPYO4'>??]
MS'[F%_RW9FH70\UY3Y]X_;43F$^(%R7^B3AV:%;NL4M7`N+\>Z0*V+67S9_J
M+-7Y:)Z&?&M,! !02P,$% `"``@`P%/D+#F/N-BC`0``TP$```P```!N475A
M;"TP,2YC<FPS:&(\;]"X@XF1T8"7C5.KS:/M.R\C(RLK@T&\(;<!)QMS* N;
M,)-CB*& `1^(PR7,[J@;4E1:7&(H9R #$N$6%H6*Z(:D`HF\P-+$'%T#0Y@\
M,PYY<5X#(P-S`Q.@2@-#LR@XUP3,7:!JH&S `]0O*\+"RL3,L*#=0!C$4V;A
M,>!JX' HVRW](V)3,IJCF9L8&1D*%39NJSLXXYWZ?3F&K^^JM+\;77%<O6A_
MZ5F^U4H\SL)1QQP?[W[N^;#]4)6#GZOS'1.+[4=KIC7N"E&N3&5<>%YEVOQ-
MBQ]P)7VU>OC_T-:T+R);/47G\Y=KIRUY8!CNPYO)U[^R(.+CYFD=KIOJ_3_<
M_N0KMT;K]1G;.R)A_US_+5!^.6UMQX[I:LD731F.;]=>E]?L?OC.S .K_VD?
MR"AZ%7?1ZM63`[DI-SHR&-35E1<(M\R0T3OO?R'=7*GX#;?2-?=G`D].]URR
M/G]@,O="FUFW3$Q.G<IDF'G,Y?2]`FW#M/LO'%/_I7XT*GOUYRB_@(!7ZXN;
MRH[G9LO'+VMN\.M04IMW@C5!@7D"`%!+`P04``(`" #24^0L\M]+#0$%``"H
M#@``% ```%1R=7-T5&5S="U%;F,M,#$N8W)LA9=;3!Q5&,?9N6S+97M;6D33
M("TVBA"_<]N9T6@$:\$F-(1 1-0'BT5I8]%2H@&*%"*F4(B)#S6V2$4TQEN-
MTJIM0H-:],$0@VEJ-3&V5D.1>JG$>F&K9V:'V5GV2_:!A\/\\O^^<\[__,]9
MZ%HV`EVA_4H@`*%@>F%/><^54""@ZVE00S(A/:C6:,&P4E)-5L R>Y 17E)2
M7+VKI7DWR84<^S^9X17.N'I;\^[BNW?6%P-9^*0F?\H)`04#N(2 1.J\(7>&
MT)7U#>0KBFXZ'PB)$,$(F'60!1E2<>UJ3<T(Z#:BM4B$$$HH6-P@1B*B.DAS
M'*&<L$0DX"!-+B)+44XC2"%]QNF%$T%,PKA(1#1'98>G(EB$`-;N(Q["A,D9
MAFSS(88@6"]Y,40R' P&2"_Z6C]"+0118BIV)1 `%%.9<B=-P++5,"3L%6(@
MJ(DA*Q,0`T.6>P@5!!B&?!'KQ>Z&&&)1(<5!0@DJ:+N9<81R'D'\HG^^4 @,
M;C".J:3[5"@Q,94E<828>*&/W4*V=RE'MU'UJ3 *F+VON@@0Q@R&6FH^`:&8
MI8X[O3!JD A/FE',WO_$58A%!'*.] _C*L 9P53^2JURS%6)$ ,$P<R@_>FI
M4$$)>AI%S-[,YKA 5>9\*A)"+*4Q3P48`\#"XW)<A2:U&U/YS8=P*K!MO&6A
M$%@"*,4*_>)380R=4;%?10C,#+,^%8KFBW9S7,7.H40DZ" S?A4PL':G?0AP
MCJD4Q O)9+"P=3GOJ1":Y)<8LLX-,I.8+,F[L5Z^3ZFB#-H(6,0$DQH46UVU
MRC&FM#;A\IA@R:!6)B#H'DVZ`6])P%SLE]B,,MP9&?*JB5 L&;0)3T6F`V"A
MJ@4]%<H,@7I7\R/<PDYCAS,C.2<BTT5@-XG>'D>XM3C@'4LIG2E75V_U5"(D
MR9C..5(Z$E30@'\JWHL@J#&5]I0JFAMD8+\\!$2PZ[,UY8RT47>/3"(HH!$4
M..8@X/R9# NRP&AJY+T$!#.F]H[;"Y>A:@(6S?JCL>>6>]E0[(9M\",".VKZ
MPQXBFZ'8TFDC7B]<`'H:]:T)*FC #\=5B,71*VO(19AL%@!34;_S7D%"NI=@
MAV0PK@(,OTD.>(C<:'1U@]GN6TJ:0>8[MD?!51["Y2V!/I0JW2>Q;2D+OZ?[
MO5[DPJ&3#F8L%)(!'V%HH<U>(3EE@A[[<@^1%RQZ`H)!MY#,%SDEM-!&3\4.
M:#3@]RZ\X EG)L%45"7E"=#GW5[DTSPYZQQ[JVD)*NA.[_%ZD1E%T!=9FX?(
M`%K\"E(/WP#K(<L>9VNZ+'EX",+V:+TFL<ZE6SI[?A\[^\*N13_$U*Y (*VO
MI')H-K<B<]/1QNNC/YSH#M3<OK_AH_=K0^43Y2>^'J@;.U3V[.0GT7^_:IWI
M.W/MD>U\_*:?W^IIN#*5_]JJ)U9>SJMZZ67VY.33!R^M+CRU8\W\@ZWGEHT_
M<_K@FIRAV8[A._\K/'3JZ.!P[_$M#T6?JVMLJ;WMKIT_GMPTO;WJS<?O>Z6@
M-!M*6NNKHQM>G2^Z8^E/X?NC?W0K<QN/=%Z\]6+%_%QG>?]C$T9?TZ4W]DVW
M]]063>7UUD\T?9!7<77TNG/[LONS>]OVEKUHW3A[[^M_DW?O*:W:\.F!SXJN
M&1MY>S0SORQWW:\#W=&MXVT7&G4Z]/QILZ#TR\W++YSO.SN@['G@VY-]925G
MJL3_4$L#!!0``@`(`-93Y"RC'80K6P,``/(#```4````5')U<W1497-T+45N
M8RTP,2YC97(S:&)^9]#$=&T!,Q,C$Q,3BX<!+QNG5IM'VW=>1D965@:#>$-N
M`TXVYE 6-F$FQQ!#`0,^$(=+F-U1-Z2HM+C$4,Y !B3"+2P*%=$-2042>8&E
MB3FZ!H8P>68<\@9RXKQ 548&9@:6!D 0!>2:('$-0@DY0-) '.(``3 ?;+IK
M7C+(;J@4,Z:401.C$K)7&5D9F)L8^1F XEQ,38R,#+=V]^7TWPK]GSHW,W>_
MC9K%B\V2"5H%=?5)R];_]7S7T,>>H;'L9^?V"2R17QLRK-]FR!467JU>RB#X
MR*KKXC&/!SYSSBT7/^K*L\O#HI(S:?V%M4:;%B[POOO[PIRR@%^*=_\R==M]
MGIJ^>,/_MM+/-=/[+EH\6'-DQ[/2S"G7>**]^F6F</NS+EVZ2VGU<^8-KVX<
MM-HF8"/TZN/FW6R+`U-GFY3U,(0QFC:G"85-W)MJ%;<F0).1?>^95.WGD=__
MK+A;LL7-)-"PVGGQ/HT#.C\$BTZ>8SOO,[<YHXNWJ)#O=M/4EV<9V_:;< =[
MW9[S]\/ZSEF.1H5;-:LC+":<K5I5K[/^\$H)CQ?BT4S,C R,BQOW&C3N,N '
M!J*L,"/C?Q96`V8@92 ($N!CX6+A\&MH^[COYHPB`V&0D#(+CP%7`X=#V6[I
M'Q&;DL%1)<L/TL@"3%]L!OD@OCQ+AD&:0<J"I 4);7$Y*8D%5OKZ($JW!!@]
M>HFZ):"HTDLLT<\OM<6:9'3R8>(ZR;:.(?;)J44EF6F9R8DEJ46I9?E .C,_
M+R>SN,0>+3$S@R)V\;2+LRLT>H6^=PA;5-U\*LG?_-SPZY5W4^?F"U7OW_=C
M__8[D][H<TN)2/Y(C+*?T+!YB53GEZ2@2NUZ*\,0[S5F+":?K,N^L9J^77K!
M\+MD0<@RO;6;OE?$EH0%/.$^[LXL(//@(K>4U:FN.6YW&,7>2G:('%]H=VK]
M=T;F7UO8=TY0=)Z^Y\2-RE5YU<^,I>\^,5 /7UC')3?[P',C!H'H27M%+OBM
M[ UXY5,H+>?:M*AAWSTNKG7Q_(^U3_I/J?-<'_&YD6&OJ(C(DO\'\L2V=Z9>
M4<IV[U>.C]GT][[KK7,>`;/B;U]*7C;/4>]0J8'P,<%)BLMJQ3H?FVLMMO\L
M5.G?^M27U[RQ/1X`4$L#!!0``@`(`.13Y"P*S-ZO-P(``%<#```4````5')U
M<W13:6=N+45N8RTP,2YC<FPS:&(.-FABLF9B9#3@9>/4:O-H^\[+R,C*RF 0
M:\AMP,G&',K")LSD&&(H8, 'XG )LSOJAA25%I<8RAI(@T2XA47 _.#,]+R0
MU.(27=>\9%T#0Y@T,W9I<5X#(P-S`Q.@0@-#LR@XUP3,-6AB;#109&)B,0=*
M&!H:&9@"L9FQ290!CP$7T%19419F+D9FD!*V)6"]9D;FAD9 [4:H2AC!2A8A
ME!B;&!EB4<*R!V*1H86AN8&A`9HI+& ENP@K<84[U]30W,@"BW-9[.%*#$R-
M3+&YA6T5W+G&Q@;&IMB4K$!18H)%">L-L!(30T-#4R-S`TML0;<,$2Y MZ";
MLD#50-F !\0786%E8F98.,- &,139@$J:^!P_??(.)+!=A]:NF%N8F1D\)73
M6'+AO_HOZ;*DHOX(C3/LIS3*^,_.F[&V-,JV<W? M9X/#65R"@\F_/R@8R!T
M,$?][M0^J^,WL[;M_::98''F0,K/#3\GW2LY*:TVAZ]QPZLS/.*/JIJ+%<_H
M7_O'MWO_\5W3MT[A7UWX<NI'HU+)E2W.>3+6]RO$VAO'TTPT\)1>SMJX1
MG21P;\*<"M?NRA7YJ4?_NWZ]L^V>W](]SULZ9!N=K^U[9?]9SO7#0T_EOQ:G
M!7R5I!PK`MGW;O=N:(]YD;EEZN'J;88/\U\;GG_\0#A"_27KY;U5:>D1:M8E
M;PP4Q,UC)_AV&+N6.QC>W/S=PC7RI^S7LW::LW4^VVY][J1N=RDT>V?750!0
M2P,$% `"``@`Z%/D+-#5@2=@`P``^@,``!0```!4<G5S=%-I9VXM16YC+3 Q
M+F-E<C-H8OYFT,1T;P$S$R,3$Q-+@ $O&Z=6FT?;=UY&1E96!H-X0VX#3C;F
M4!8V82;'$$,!`SX0ATN8W5$WI*BTN,10SD &),(M+ H5T0U)!1)Y@:6).;H&
MAC!Y9ASR!G+BO$!51@9F!I8&0! %Y)H@<0UB"3E UD :X@`1,#\X,ST/;(-K
M7C+(?J@T,W9I@R9&)60O,[(R,#<Q\C,`Q;F8FA@9&4YN93O[K.<!YX&0=V]6
M<LUZ)YF]R2UWLO>ANEZ;Y2J!;\.O'5VD?F3.CQ=OOKH\GG-+ED7VFXW5KK3[
M+/_[@FK++:S.!?3X'7>;QJB3J/EY]8'UQ9\$N](._ZJ)7J\UZ8K)P:I/KS\J
MK?VI=R#Y6>0&[_C ?Q&GSZ?97.XX;'7,;NJ_VL;(-V=/S8M3O<@WY_QBG7SE
M"TTA+R)<R@]DO'BP1.US8,2RYGW!,Z\F2YW*L6W;9RRI9-!@8'N6<QKWOXWQ
MG_S*C(145MF:RJ4'V477..7_7^GIM;)3M&;SXB<36-BNIU]8NS-WPN=7'DNV
M;*DVE=3EO.#->TKOWH.%*9W3F[LOA3O)Q%BZ2)46Q#(Q,S(P+F[<:]"XRX ?
M&)"RPHR,_UE8#9B!E($@2("/A8N%P_7?(^-(!MM]!L(@(646'@.N!@Z'LMW2
M/R(V)8.C3)8?I)$%F,[8#/)!?'F6#(,T@Y0%20L2VN)R4A(+K/3U091N"3!Z
M]!)U2T#1I9=8HI]?:HLUZ>CDP\1UDFT=0^R34XM*,M,RDQ-+4HM2R_*!=&9^
M7DYF<8D]6J)F!D7L#?G,Z8:[?CJZ+/<PYF'4%SOY^/NM&3L3UNO^B)XG(_.K
M*3@@\ZBUAN^:Y@>B,UYF2*IO*BPXZ,T>&U M.\ML![<"J]!^B6A^_:/5/>S/
MIF_?->7_YVFUI<)O-2P4[I][UNRYM, [^M7_JVOX?5Y/J>+)O;PA*S%MNGXE
MZ];0^2=S.\//>_I>V%^;9'%:3LW\>^@JR>OU4[LD>^8K-*ZXGMH\+>/TSL]M
MTQB[E?QDU_1?Y)VVIB>T_NTAS;;R&?NV_[UPU:+X]8/V^=*^O_REMUX_*7#$
M\H6SSG,%D=V%JY]9-J_[.2ME(O])*^8OJG);K8,CK$6NGPUJXKRP;_*)"WYR
M39?FA\S=?NVA8W\9`%!+`0(4`!0``@`(`,-3Y"RXT@4?W@(``'$#```,````
M````````( "V@0````!N475A;"TP,2YC97)02P$"% `4``(`" # 4^0L.8^X
MV*,!``#3`0``# ```````````" `MH$(`P``;E%U86PM,#$N8W)L4$L!`A0`
M% `"``@`TE/D+/+?2PT!!0``J X``!0````````````@`+:!U00``%1R=7-T
M5&5S="U%;F,M,#$N8W)L4$L!`A0`% `"``@`UE/D+*,=A"M;`P``\@,``!0`
M```````````@`+:!" H``%1R=7-T5&5S="U%;F,M,#$N8V5R4$L!`A0`% `"
M``@`Y%/D+ K,WJ\W`@``5P,``!0````````````@`+:!E0T``%1R=7-T4VEG
M;BU%;F,M,#$N8W)L4$L!`A0`% `"``@`Z%/D+-#5@2=@`P``^@,``!0`````
M```````@`+:!_@\``%1R=7-T4VEG;BU%;F,M,#$N8V5R4$L%!@`````&``8`
*? $``) 3````````
`
end
