Bug 427715 - nsCryptoHash apparently being called while NSS is in shutdown state [@ NSSRWLock_LockRead_Util], r=kaie

2009-07-28 23:26:26 +02:00 · 2009-07-28 23:26:26 +02:00 · dbff2f3e5e
--- a/security/manager/ssl/src/nsNSSComponent.cpp
+++ b/security/manager/ssl/src/nsNSSComponent.cpp
@ -280,7 +280,7 @@ nsTokenEventRunnable::Run()
 PRBool EnsureNSSInitialized(EnsureNSSOperator op)
 {
  static PRBool loading = PR_FALSE;
-  static PRBool haveLoaded = PR_FALSE;
+  static PRInt32 haveLoaded = 0;

  switch (op)
  {
@ -296,7 +296,7 @@ PRBool EnsureNSSInitialized(EnsureNSSOperator op)
  case nssInitSucceeded:
    NS_ASSERTION(loading, "Bad call to EnsureNSSInitialized(nssInitSucceeded)");
    loading = PR_FALSE;
-    haveLoaded = PR_TRUE;
+    PR_AtomicSet(&haveLoaded, 1);
    return PR_TRUE;

  case nssInitFailed:
@ -305,7 +305,7 @@ PRBool EnsureNSSInitialized(EnsureNSSOperator op)
    // no break

  case nssShutdown:
-    haveLoaded = PR_FALSE;
+    PR_AtomicSet(&haveLoaded, 0);
    return PR_FALSE;

    // In this case we are called from a component to ensure nss initilization.
@ -313,7 +313,7 @@ PRBool EnsureNSSInitialized(EnsureNSSOperator op)
    // call do_GetService for nss component to ensure it.
  case nssEnsure:
    // We are reentered during nss component creation or nss component is already up
-    if (haveLoaded || loading)
+    if (PR_AtomicAdd(&haveLoaded, 0) || loading)
      return PR_TRUE;

    {
@ -1751,6 +1751,7 @@ nsNSSComponent::ShutdownNSS()
    CleanupIdentityInfo();
    PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("evaporating psm resources\n"));
    mShutdownObjectList->evaporateAllNSSResources();
+    EnsureNSSInitialized(nssShutdown);
    if (SECSuccess != ::NSS_Shutdown()) {
      PR_LOG(gPIPNSSLog, PR_LOG_ALWAYS, ("NSS SHUTDOWN FAILURE\n"));
      rv = NS_ERROR_FAILURE;
@ -2556,8 +2557,28 @@ nsCryptoHash::nsCryptoHash()

 nsCryptoHash::~nsCryptoHash()
 {
+  nsNSSShutDownPreventionLock locker;
+
+  if (isAlreadyShutDown())
+    return;
+
+  destructorSafeDestroyNSSReference();
+  shutdown(calledFromObject);
+}
+
+void nsCryptoHash::virtualDestroyNSSReference()
+{
+  destructorSafeDestroyNSSReference();
+}
+
+void nsCryptoHash::destructorSafeDestroyNSSReference()
+{
+  if (isAlreadyShutDown())
+    return;
+
  if (mHashContext)
    HASH_Destroy(mHashContext);
+  mHashContext = nsnull;
 }

 NS_IMPL_ISUPPORTS1(nsCryptoHash, nsICryptoHash)
@ -2565,6 +2586,8 @@ NS_IMPL_ISUPPORTS1(nsCryptoHash, nsICryptoHash)
 NS_IMETHODIMP 
 nsCryptoHash::Init(PRUint32 algorithm)
 {
+  nsNSSShutDownPreventionLock locker;
+
  HASH_HashType hashType = (HASH_HashType)algorithm;
  if (mHashContext)
  {
@ -2617,6 +2640,8 @@ nsCryptoHash::InitWithString(const nsACString & aAlgorithm)
 NS_IMETHODIMP
 nsCryptoHash::Update(const PRUint8 *data, PRUint32 len)
 {
+  nsNSSShutDownPreventionLock locker;
+  
  if (!mInitialized)
    return NS_ERROR_NOT_INITIALIZED;

@ -2675,6 +2700,8 @@ nsCryptoHash::UpdateFromStream(nsIInputStream *data, PRUint32 len)
 NS_IMETHODIMP
 nsCryptoHash::Finish(PRBool ascii, nsACString & _retval)
 {
+  nsNSSShutDownPreventionLock locker;
+  
  if (!mInitialized)
    return NS_ERROR_NOT_INITIALIZED;
  
@ -2715,13 +2742,35 @@ nsCryptoHMAC::nsCryptoHMAC()

 nsCryptoHMAC::~nsCryptoHMAC()
 {
+  nsNSSShutDownPreventionLock locker;
+
+  if (isAlreadyShutDown())
+    return;
+
+  destructorSafeDestroyNSSReference();
+  shutdown(calledFromObject);
+}
+
+void nsCryptoHMAC::virtualDestroyNSSReference()
+{
+  destructorSafeDestroyNSSReference();
+}
+
+void nsCryptoHMAC::destructorSafeDestroyNSSReference()
+{
+  if (isAlreadyShutDown())
+    return;
+
  if (mHMACContext)
    PK11_DestroyContext(mHMACContext, PR_TRUE);
+  mHMACContext = nsnull;
 }

 /* void init (in unsigned long aAlgorithm, in nsIKeyObject aKeyObject); */
 NS_IMETHODIMP nsCryptoHMAC::Init(PRUint32 aAlgorithm, nsIKeyObject *aKeyObject)
 {
+  nsNSSShutDownPreventionLock locker;
+
  if (mHMACContext)
  {
    PK11_DestroyContext(mHMACContext, PR_TRUE);
@ -2778,6 +2827,8 @@ NS_IMETHODIMP nsCryptoHMAC::Init(PRUint32 aAlgorithm, nsIKeyObject *aKeyObject)
 /* void update ([array, size_is (aLen), const] in octet aData, in unsigned long aLen); */
 NS_IMETHODIMP nsCryptoHMAC::Update(const PRUint8 *aData, PRUint32 aLen)
 {
+  nsNSSShutDownPreventionLock locker;
+
  if (!mHMACContext)
    return NS_ERROR_NOT_INITIALIZED;

@ -2843,6 +2894,8 @@ NS_IMETHODIMP nsCryptoHMAC::UpdateFromStream(nsIInputStream *aStream, PRUint32 a
 /* ACString finish (in PRBool aASCII); */
 NS_IMETHODIMP nsCryptoHMAC::Finish(PRBool aASCII, nsACString & _retval)
 {
+  nsNSSShutDownPreventionLock locker;
+
  if (!mHMACContext)
    return NS_ERROR_NOT_INITIALIZED;
  
@ -2870,6 +2923,8 @@ NS_IMETHODIMP nsCryptoHMAC::Finish(PRBool aASCII, nsACString & _retval)
 /* void reset (); */
 NS_IMETHODIMP nsCryptoHMAC::Reset()
 {
+  nsNSSShutDownPreventionLock locker;
+
  SECStatus ss = PK11_DigestBegin(mHMACContext);
  NS_ENSURE_TRUE(ss == SECSuccess, NS_ERROR_FAILURE);

--- a/security/manager/ssl/src/nsNSSComponent.h
+++ b/security/manager/ssl/src/nsNSSComponent.h
@ -67,6 +67,7 @@
 #include "nsICryptoHMAC.h"
 #include "hasht.h"
 #include "nsNSSCallbacks.h"
+#include "nsNSSShutDown.h"

 #include "nsNSSHelper.h"
 #include "nsClientAuthRemember.h"
@ -192,7 +193,7 @@ class NS_NO_VTABLE nsINSSComponent : public nsISupports {

 NS_DEFINE_STATIC_IID_ACCESSOR(nsINSSComponent, NS_INSSCOMPONENT_IID)

-class nsCryptoHash : public nsICryptoHash
+class nsCryptoHash : public nsICryptoHash, public nsNSSShutDownObject
 {
 public:
  NS_DECL_ISUPPORTS
@ -205,9 +206,12 @@ private:

  HASHContext* mHashContext;
  PRBool mInitialized;
+
+  virtual void virtualDestroyNSSReference();
+  void destructorSafeDestroyNSSReference();
 };

-class nsCryptoHMAC : public nsICryptoHMAC
+class nsCryptoHMAC : public nsICryptoHMAC, public nsNSSShutDownObject
 {
 public:
  NS_DECL_ISUPPORTS
@ -217,8 +221,10 @@ public:

 private:
  ~nsCryptoHMAC();
-
  PK11Context* mHMACContext;
+
+  virtual void virtualDestroyNSSReference();
+  void destructorSafeDestroyNSSReference();
 };

 struct PRLock;