Closed
Bug 1017826
Opened 10 years ago
Closed 10 years ago
newEntry in OCSPCache::Put could leak if its Init fails (i.e. if hashing fails)
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla33
People
(Reporter: keeler, Assigned: hpathak)
References
(Blocks 1 open bug)
Details
(Keywords: coverity, Whiteboard: CID1195361)
Attachments
(1 file, 1 obsolete file)
940 bytes,
patch
|
hpathak
:
review+
|
Details | Diff | Splinter Review |
266 Entry* newEntry = new Entry(); ... 274 SECStatus rv = newEntry->Init(aCert, aIssuerCert, aErrorCode, aThisUpdate, 275 aValidThrough); 276 if (rv != SECSuccess) { 277 return rv; 278 } Init basically involves doing some hashing. In theory this could fail. If it does, newEntry won't get deleted.
This is throwing an assert when nightly starts. [27769] ###!!! ASSERTION: Existing entry in StartupCache.: 'entry == nullptr', file /Users/mozilla/mozilla-central/startupcache/StartupCache.cpp, line 366
Reporter | ||
Comment 2•10 years ago
|
||
Comment on attachment 8437046 [details] [diff] [review] Bug1017826_memory_leak_fix.diff Review of attachment 8437046 [details] [diff] [review]: ----------------------------------------------------------------- Don't forget to ask for review on patches that are ready :) This looks good. Just a comment about your commit message, however: First, the beginning should look more like "bug 1017826:". Also, it's best to comment on the goal of the patch rather than how it achieves it. So, maybe something like "prevent a potential memory leak in OCSPCache::Put".
Attachment #8437046 -
Flags: review+
Reporter | ||
Comment 3•10 years ago
|
||
(In reply to hpathak from comment #1) > Created attachment 8437046 [details] [diff] [review] > Bug1017826_memory_leak_fix.diff > > This is throwing an assert when nightly starts. > > [27769] ###!!! ASSERTION: Existing entry in StartupCache.: 'entry == > nullptr', file /Users/mozilla/mozilla-central/startupcache/StartupCache.cpp, > line 366 I'm fairly sure that's unrelated to this change.
Reporter | ||
Comment 4•10 years ago
|
||
Harsh, a try run with "try: -b do -p <some platform> -u xpcshell -t none" should be sufficient to test this out and get it ready to check in.
Assignee: nobody → hpathak
Flags: needinfo?(hpathak)
https://tbpl.mozilla.org/?tree=Try&rev=cbb957e96911
Attachment #8437046 -
Attachment is obsolete: true
Attachment #8441116 -
Flags: review+
Flags: needinfo?(hpathak)
Keywords: checkin-needed
Comment 6•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/a624df7becd2
Keywords: checkin-needed
Comment 7•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/a624df7becd2
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla33
Reporter | ||
Comment 8•10 years ago
|
||
follow-up to fix indentation nit that I missed: https://hg.mozilla.org/integration/mozilla-inbound/rev/e2178beb5988
Comment 9•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/e2178beb5988
Updated•6 years ago
|
Blocks: coverity-analysis
You need to log in
before you can comment on or make changes to this bug.
Description
•