Closed
Bug 135069
Opened 22 years ago
Closed 22 years ago
SEC_PKCS12DestroyExportContext() leaks slot reference
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.5
People
(Reporter: wtc, Assigned: wtc)
References
Details
(Whiteboard: [adt2 RTM])
Attachments
(1 file)
779 bytes,
patch
|
bugz
:
review+
|
Details | Diff | Splinter Review |
SEC_PKCS12CreateExportContext() calls PK11_GetInternalSlot() if the third argument 'slot' is NULL. But SEC_PKCS12DestroyExportContext() does not call PK11_FreeSlot(), so this slot reference is leaked.
Assignee | ||
Comment 1•22 years ago
|
||
Changed the QA contact to Bishakha.
QA Contact: sonja.mirtitsch → bishakhabanerjee
Assignee | ||
Comment 2•22 years ago
|
||
Grab a reference in SEC_PKCS12CreateExportContext and free the reference in SEC_PKCS12DestroyExportContext. Please review this patch. Thanks.
Assignee | ||
Updated•22 years ago
|
Priority: -- → P1
Target Milestone: --- → 3.5
Comment 3•22 years ago
|
||
Comment on attachment 82944 [details] [diff] [review] Proposed patch I think if we add this code then we need to free the reference in SEC_PKCS12ExportContextDestroy() The other way is to free the PK11_GetInternalSlot() in the Create, but that could 1) get ugly, and 2) more importantly leave a possible (albeit unlikely) scenario where the internal slot disappears before we are done with it .
Attachment #82944 -
Flags: needs-work+
Assignee | ||
Comment 4•22 years ago
|
||
Comment on attachment 82944 [details] [diff] [review] Proposed patch Bob wrote: > I think if we add this code then we need to free the reference in > SEC_PKCS12ExportContextDestroy() That's exactly what my patch does (at @@ -2146,6 +2146,8 @@).
Comment 5•22 years ago
|
||
Comment on attachment 82944 [details] [diff] [review] Proposed patch looks like the slot is correctly freed to me.
Attachment #82944 -
Flags: needs-work+ → review+
Comment 6•22 years ago
|
||
Sorry, I thought it was the error case at 201, but it's clear we don't hit this error case for the case where we set the slot. Ian's correct, the patch is right.
Assignee | ||
Comment 7•22 years ago
|
||
Thanks for the code review. I checked in the patch into the tip of NSS. Marked the bug fixed.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Comment 8•22 years ago
|
||
adt1.0.1+ (on ADT's behalf) for checkin to the 1.0 branch. Pls check this in asap. thanks!
Whiteboard: [adt2 RTM]
Assignee | ||
Updated•22 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•