Closed Bug 1418021 Opened 7 years ago Closed 7 years ago

UBSan: null pointer passed as argument 2, which is declared to never be null [@ ssl3_HandleServerHello]

Categories

(NSS :: Libraries, defect)

3.33
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: tsmith, Assigned: franziskus)

Details

(Keywords: csectype-undefined)

Attachments

(1 file)

This error is triggered by opening https://browserleaks.com/canvas when Firefox is built with: -fsanitize=nonnull-attribute

/mozilla-central/security/nss/lib/ssl/ssl3con.c:6831:30: runtime error: null pointer passed as argument 2, which is declared to never be null
/usr/include/string.h:64:33: note: nonnull attribute specified here
    #0 0x7f8649780311 in ssl3_HandleServerHello /mozilla-central/security/nss/lib/ssl/ssl3con.c:6831:13
    #1 0x7f864977c3ec in ssl3_HandleHandshakeMessage /mozilla-central/security/nss/lib/ssl/ssl3con.c:11876:18
    #2 0x7f864978783c in ssl3_HandleHandshake /mozilla-central/security/nss/lib/ssl/ssl3con.c:12068:18
    #3 0x7f8649781f2d in ssl3_HandleRecord /mozilla-central/security/nss/lib/ssl/ssl3con.c:12858:22
    #4 0x7f86497b26e4 in ssl3_GatherCompleteHandshake /mozilla-central/security/nss/lib/ssl/ssl3gthr.c:518:22
    #5 0x7f86497c3f79 in SSL_ForceHandshake /mozilla-central/security/nss/lib/ssl/sslsecur.c:403:24
    #6 0x7f862365477b in nsNSSSocketInfo::DriveHandshake() /mozilla-central/security/manager/ssl/nsNSSIOLayer.cpp:423:18
    #7 0x7f8618d893bd in mozilla::net::nsHttpConnection::EnsureNPNComplete(nsresult&, unsigned int&) /mozilla-central/netwerk/protocol/http/nsHttpConnection.cpp:481:19
    #8 0x7f8618d8b8ff in mozilla::net::nsHttpConnection::OnSocketWritable() /mozilla-central/netwerk/protocol/http/nsHttpConnection.cpp:1786:21
    #9 0x7f8618d8f048 in mozilla::net::nsHttpConnection::OnOutputStreamReady(nsIAsyncOutputStream*) /mozilla-central/netwerk/protocol/http/nsHttpConnection.cpp:2312:19
    #10 0x7f8618d97b4c in non-virtual thunk to mozilla::net::nsHttpConnection::OnOutputStreamReady(nsIAsyncOutputStream*) /mozilla-central/netwerk/protocol/http/nsHttpConnection.cpp
    #11 0x7f861839c39f in mozilla::net::nsSocketOutputStream::OnSocketReady(nsresult) /mozilla-central/netwerk/base/nsSocketTransport2.cpp:563:19
    #12 0x7f86183a67fd in mozilla::net::nsSocketTransport::OnSocketReady(PRFileDesc*, short) /mozilla-central/netwerk/base/nsSocketTransport2.cpp:2199:21
    #13 0x7f86183b54fd in mozilla::net::nsSocketTransportService::DoPollIteration(mozilla::BaseTimeDuration<mozilla::TimeDurationValueCalculator>*) /mozilla-central/netwerk/base/nsSocketTransportService2.cpp:1193:29
    #14 0x7f86183b3b6c in mozilla::net::nsSocketTransportService::Run() /mozilla-central/netwerk/base/nsSocketTransportService2.cpp:947:13
    #15 0x7f86183b602c in non-virtual thunk to mozilla::net::nsSocketTransportService::Run() /mozilla-central/netwerk/base/nsSocketTransportService2.cpp
    #16 0x7f8618151309 in nsThread::ProcessNextEvent(bool, bool*) /mozilla-central/xpcom/threads/nsThread.cpp:1037:14
    #17 0x7f8618189f91 in NS_ProcessNextEvent(nsIThread*, bool) /mozilla-central/xpcom/threads/nsThreadUtils.cpp:513:10
    #18 0x7f86192b8f43 in mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) /mozilla-central/ipc/glue/MessagePump.cpp:334:20
    #19 0x7f8619139c40 in MessageLoop::Run() /mozilla-central/ipc/chromium/src/base/message_loop.cc:299:3
    #20 0x7f861814d84f in nsThread::ThreadFunc(void*) /mozilla-central/xpcom/threads/nsThread.cpp:425:11
    #21 0x7f864a870d2d in _pt_root /mozilla-central/nsprpub/pr/src/pthreads/ptthread.c:216:5
    #22 0x7f864e06f7fb in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x77fb)
    #23 0x7f864d09db0e in clone /build/glibc-CxtIbX/glibc-2.26/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Comment on attachment 8929350
Bug 1418021 - check sidBytes item for NULL before copying, r=ttaubert

Tim Taubert [:ttaubert] has approved the revision.

https://phabricator.services.mozilla.com/D253#6067
Attachment #8929350 - Flags: review+
https://hg.mozilla.org/projects/nss/rev/6121674fd16307c05c4a1ffc1a3267796008d152
Assignee: nobody → franziskuskiefer
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.35
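
Added example, not the NSS patch and not code from this bug: a minimal C sketch of the pattern in the report and the fix title, where an empty parsed item (NULL data, zero length) is passed to a libc function whose pointer parameters are declared nonnull. The page does not name the libc call; memcpy is assumed here because the fix title speaks of copying, and item_t, session_t and both functions are hypothetical names.

```c
#include <stddef.h>
#include <string.h>

#define SID_MAX 32 /* TLS session IDs are at most 32 bytes */

/* Hypothetical parsed item: an empty field is data == NULL, len == 0. */
typedef struct {
    const unsigned char *data;
    size_t len;
} item_t;

typedef struct {
    unsigned char id[SID_MAX];
    size_t id_len;
} session_t;

/* Unguarded: an empty item makes this call memcpy(dst, NULL, 0). glibc
 * declares memcpy's pointers nonnull, so the sanitizer reports the call
 * even though zero bytes are copied. */
int store_sid_unguarded(session_t *s, const item_t *src)
{
    if (src->len > SID_MAX)
        return -1;
    memcpy(s->id, src->data, src->len);
    s->id_len = src->len;
    return 0;
}

/* Guarded: reject inconsistent items and skip the copy when empty. */
int store_sid(session_t *s, const item_t *src)
{
    if (src->len > SID_MAX)
        return -1;
    if (src->len != 0 && src->data == NULL)
        return -1; /* length claims bytes that are not there */
    s->id_len = src->len;
    if (src->len != 0)
        memcpy(s->id, src->data, src->len);
    return 0;
}

int main(void)
{
    session_t s;
    item_t empty = { NULL, 0 }; /* constructed input: empty field */
    return store_sid(&s, &empty); /* 0: stored, memcpy not called */
}
```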