Closed
Bug 176667
Opened 22 years ago
Closed 22 years ago
Memory leak in CERT_FindCertIssuer
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.6.1
People
(Reporter: KaiE, Assigned: rrelyea)
References
Details
Attachments
(1 file)
547 bytes,
patch
|
KaiE
:
review+
|
Details | Diff | Splinter Review |
Reproduce using the procedure in bug 176666. Function CERT_FindCertIssuer creates a leak for some certificates only. For example, if the certdb contains a permanent copy of the cert from https://www.kuix.de, after a call to CERT_FindCertIssuer, the passed in cert has a reference count increased by one. The cause is: Even if no issuer is found, NSSCertificate_BuildChain returns a chain with the original in it. However, CERT_FindCertIssuer does not free this reference and returns NULL. The fix is to add if (chain[0]) { CERT_DestroyCertificate(cert); } just in front of PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
Comment 2•22 years ago
|
||
Assigned the bug to Bob. Kai, this is the current NSS_CLIENT_TAG, not the MOZILLA_1_0_BRANCH, right?
Assignee: wtc → relyea
Priority: -- → P1
Whiteboard: [3.6.1]
Target Milestone: --- → 3.7
Comment 3•22 years ago
|
||
Good catch, Kai. I went ahead and made the patch.
Reporter | ||
Comment 4•22 years ago
|
||
> this is the current NSS_CLIENT_TAG, not the MOZILLA_1_0_BRANCH, right
Yes, I saw the bug on the NSS_CLIENT_TAG.
But I guess it is in MOZILLA_1_0_BRANCH, too.
Reporter | ||
Comment 5•22 years ago
|
||
Comment on attachment 104151 [details] [diff] [review] free cert on error path r=kaie
Attachment #104151 -
Flags: review+
Comment 6•22 years ago
|
||
Set the version to 3.6 (the current NSS_CLIENT_TAG). If we verify the bug is also in the MOZILLA_1_0_BRANCH, the version should be changed to 3.5.
Version: unspecified → 3.6
Reporter | ||
Comment 7•22 years ago
|
||
I can see the same code on the 1.0 branch, setting version as suggested. The patch works for me, please land it on the NSS_3_6_BRANCH. Thanks.
Version: 3.6 → 3.5
Assignee | ||
Comment 8•22 years ago
|
||
This patch has now been checked into the tip. It has not been checked into the 3.6 or 3.5 branches.
Comment 9•22 years ago
|
||
The patch has been checked into the 3.6 branch. Set the target milestone to 3.6.1 and marked the bug fixed.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Whiteboard: [3.6.1]
Target Milestone: 3.7 → 3.6.1
You need to log in
before you can comment on or make changes to this bug.
Description
•