Closed Bug 230774 Opened 21 years ago Closed 21 years ago

double free in SECU_ReadDERFromFile()

Categories

(NSS :: Tools, defect, P1)

x86
Windows 2000
defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: nelson, Assigned: nelson)

Details

(Keywords: regression)

Rev 1.54 of secutil.c fixed many memory bugs (mostly leaks), and introduced one new bug, a double free in SECU_ReadDERFromFile(). This is not a bug in the NSS shared libraries. This bug only impacts a few NSS command line utilities.

The impact is that NSS utility programs such as certutil and pp, which read in certificates from files in base64 encoded format, may crash (especially debug builds) when reading in certs. For example, the command

    pp -t certificate -a -i somecert.b64

(where -a signifies base64 encoded input) may crash, but the commands:

    atob -i somecert.b64 -o tmp.der
    pp -t certificate -i tmp.der

would not.

The fix is shown below

    660 }
    661 PORT_Free(asc); <-- delete this line
    662 PORT_Free(filedata.data);
    663 } else {
    664 /* Read in binary der */
r=wtc. Would it look nicer to change all PORT_Free(filedata.data) to PORT_Free(asc)?
/cvsroot/mozilla/security/nss/cmd/lib/secutil.c,v <-- secutil.c
new revision: 1.59; previous revision: 1.58

I think freeing filedata.data is more consistent with the rest of rev 1.54
Status: NEW → RESOLVED
Closed: 21 years ago
Priority: -- → P1
Resolution: --- → FIXED
Target Milestone: --- → 3.9.1
Not sure what you meant. I didn't find any other PORT_Free(anItem.data) calls in rev. 1.54. In any case, this is not important.
Keywords: regression
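
The ownership problem discussed in this bug, as an added example (not NSS code and not from the bug's participants): it assumes, as the thread implies, that asc and filedata.data name the same allocation. item_t, tracked_free, drain and read_ascii_model are hypothetical names, and the input string is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a SECItem-like buffer descriptor. */
typedef struct { unsigned char *data; size_t len; } item_t;

/* Quarantining free: holds pointers instead of releasing them, so a
 * second free of the same address is counted rather than executed. */
static void *quarantine[8];
static int nquar, double_frees;

static void tracked_free(void *p)
{
    if (p == NULL) return;
    for (int i = 0; i < nquar; i++)
        if (quarantine[i] == p) { double_frees++; return; }
    if (nquar < 8) quarantine[nquar++] = p;
}

static void drain(void)   /* really release what is held, reset the count */
{
    for (int i = 0; i < nquar; i++) free(quarantine[i]);
    nquar = 0; double_frees = 0;
}

/* Models the ASCII branch. free_alias_too=1 keeps the extra free of
 * 'asc'; 0 is the shape after the fix. Returns double frees seen. */
static int read_ascii_model(const char *text, int free_alias_too)
{
    drain();
    size_t n = strlen(text) + 1;
    item_t filedata = { malloc(n), n };
    if (filedata.data == NULL) return -1;
    memcpy(filedata.data, text, filedata.len);
    char *asc = (char *)filedata.data;       /* alias, not a second buffer */
    if (free_alias_too) tracked_free(asc);   /* the line the fix deletes */
    tracked_free(filedata.data);             /* the one owner frees */
    filedata.data = NULL;                    /* no dangling owner left */
    return double_frees;
}

int main(void)
{
    printf("with extra free: %d\n", read_ascii_model("Y29uc3RydWN0ZWQ=", 1));
    printf("after fix:       %d\n", read_ascii_model("Y29uc3RydWN0ZWQ=", 0));
    drain();
    return 0;
}
```

Building the real utilities with AddressSanitizer (-fsanitize=address) reports this class of bug at the second free, which matches the note above that debug builds are the ones most likely to crash.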