From 1ff5e8c5f0c5b149827814b700735ae65c180cdb Mon Sep 17 00:00:00 2001
From: "wchang0222%aol.com" <wchang0222%aol.com>
Date: Thu, 8 Jul 2004 23:23:50 +0000
Subject: [PATCH] Bugzilla bug 248981: PKCS #11 modules that are based on older
 lib/ckfw (for example, the nssckbi module) save a pointer to the
 CK_C_INITIALIZE_ARGS passed to them. So if we pass a pointer to the stack
 variable moduleArgs, the pointer will point to a structure that has gone out
 of scope. To prevent crashes in these broken modules, we continue to pass a
 pointer to the global secmodLockFunctions whenever we can. r=relyea.

---
 security/nss/lib/pk11wrap/pk11load.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/security/nss/lib/pk11wrap/pk11load.c b/security/nss/lib/pk11wrap/pk11load.c
index 7622f8ac6e6..afe9bd14d2f 100644
--- a/security/nss/lib/pk11wrap/pk11load.c
+++ b/security/nss/lib/pk11wrap/pk11load.c
@@ -142,6 +142,7 @@ SECMOD_LoadPKCS11Module(SECMODModule *mod) {
     CK_INFO info;
     CK_ULONG slotCount = 0;
     CK_C_INITIALIZE_ARGS moduleArgs;
+    CK_VOID_PTR pInitArgs;
 
     if (mod->loaded) return SECSuccess;
 
@@ -227,13 +228,14 @@ SECMOD_LoadPKCS11Module(SECMODModule *mod) {
 
     mod->isThreadSafe = PR_TRUE;
     /* Now we initialize the module */
-    moduleArgs = secmodLockFunctions; /* use the default lock functions */
     if (mod->libraryParams) {
+	moduleArgs = secmodLockFunctions;
 	moduleArgs.LibraryParameters = (void *) mod->libraryParams;
+	pInitArgs = &moduleArgs;
     } else {
-	moduleArgs.LibraryParameters = NULL;
+	pInitArgs = (void *) &secmodLockFunctions;
     }
-    if (PK11_GETTAB(mod)->C_Initialize(&moduleArgs) != CKR_OK) {
+    if (PK11_GETTAB(mod)->C_Initialize(pInitArgs) != CKR_OK) {
 	mod->isThreadSafe = PR_FALSE;
     	if (PK11_GETTAB(mod)->C_Initialize(NULL) != CKR_OK) goto fail;
     }