Closed
Bug 1029151
Opened 10 years ago
Closed 10 years ago
Remove dangerous public destructor of nsNSSCertificate
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
FIXED
mozilla34
People
(Reporter: bjacob, Assigned: mccr8)
References
Details
Attachments
(1 file)
4.37 KB,
patch
|
keeler
:
review+
|
Details | Diff | Splinter Review |
In bug 1028588 we removed dangerous public destructors of XPCOM-refcounted classes outside of a finite whitelist, see HasDangerousPublicDestructor. Now we are going over the entries in this whitelist. One of them is: nsNSSCertificate
Assignee | ||
Updated•10 years ago
|
Assignee: nobody → continuation
Assignee | ||
Comment 1•10 years ago
|
||
try: https://tbpl.mozilla.org/?tree=Try&rev=daa327c18c40
Attachment #8464348 -
Flags: review?(dkeeler)
Comment on attachment 8464348 [details] [diff] [review] Remove dangerous public destructor of nsNSSCertificate. Review of attachment 8464348 [details] [diff] [review]: ----------------------------------------------------------------- ::: security/manager/ssl/src/nsClientAuthRemember.cpp @@ +113,5 @@ > > { > ReentrantMonitorAutoEnter lock(monitor); > if (aClientCert) { > + RefPtr<nsNSSCertificate> pipCert = new nsNSSCertificate(aClientCert); Same question as with the other bug (i.e. maybe use this instead: 'RefPtr<nsNSSCertificate> pipCert(new nsNSSCertificate(aClientCert));') ::: security/manager/ssl/src/nsNSSCertificateDB.cpp @@ +1239,5 @@ > for (node = CERT_LIST_HEAD(certList); > !CERT_LIST_END(node, certList); > node = CERT_LIST_NEXT(node)) { > if (getCertType(node->cert) == type) { > + RefPtr<nsNSSCertificate> pipCert = new nsNSSCertificate(node->cert); same
Attachment #8464348 -
Flags: review?(dkeeler) → review+
Assignee | ||
Comment 3•10 years ago
|
||
I don't know either, so I just changed it. https://hg.mozilla.org/integration/mozilla-inbound/rev/7dc88a0988df
Comment 4•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/7dc88a0988df
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla34
You need to log in
before you can comment on or make changes to this bug.
Description
•