Closed Bug 147794 Opened 22 years ago Closed 22 years ago

PK11_ImportDERPrivateKeyInfoAndReturnKey frees the private key incorrectly

Categories

(NSS :: Libraries, defect, P1)

Product:
NSS
Component:
Libraries
Version:
3.4.1
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: jamie-bugzilla, Assigned: jamie-bugzilla)

Details

Attachments

(1 file, 2 obsolete files)

ArenaZAlloc -> ArenaZNew
1007 bytes, patch
wtc
: review+
Details | Diff | Splinter Review 
Two things:

1. It calls SECKEY_DestroyPrivateKeyInfo with freeit==PR_TRUE. This will free
the arena...but then we turn around and free the arena a second time.

2. It doesn't set the arena field of the PrivateKeyInfo, so
DestroyPrivateKeyInfo will still try to call free() on the individual secitems
in the PKI. This doesn't fail immediately, but causes the memory allocator to
become unstable and fail later--Yuck!

    
    

    
  
Target 3.4.2.
Target Milestone: --- → 3.4.2

    
    

    
  

      
      
      
      

        Attached patch
          
          
        new and improved (obsolete)
        — Splinter Review
      

    


  
This patch is a little cleaner.

        Attachment #85396 -
        Attachment is obsolete: true

    
  
Priority: -- → P1

    
    

    
  
Wan-Teh: is it ok to check this in?

    
  

        Attachment #85828 -
        Flags: review+

    
    

    
  
Comment on attachment 85828 [details] [diff] [review]
new and improved

r=wtc.

>     temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
>-    pki = PORT_ZNew(SECKEYPrivateKeyInfo);
>+    pki = PORT_ArenaZAlloc(SECKEYPrivateKeyInfo);
>+    pki->arena = temparena;
>+    temparena = NULL;

The statement "temparena = NULL;" is not necessary.

    
    

    
  
Agreed. I put it there as more of a reminder that temparena should not be freed.
But I suppose it clutters up the code so I'll take it out.

    
    

    
  


  
The last patch was broken. It called ArenaZAlloc instead of ArenaZNew, and
didn't pass in the arena. The compiler found this problem.

        Attachment #85828 -
        Attachment is obsolete: true

    
    

    
  
Checked in to NSS_3_4_BRANCH (for 3.4.2) and trunk (for 3.6 and beyond).

/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11pk12.c,v  <--  pk11pk12.c
new revision: 1.5.8.1; previous revision: 1.5

/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11pk12.c,v  <--  pk11pk12.c
new revision: 1.6; previous revision: 1.5
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED

    
    

    
  
Comment on attachment 85851 [details] [diff] [review]
ArenaZAlloc -> ArenaZNew

r=wtc.

Please also check it into the NSS_3_5_BRANCH.
Thanks.

        Attachment #85851 -
        Flags: review+

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: