Bug 1026688: [CID 1202865][CID 1202869] Possible leak of |ciphercx| in sec_PKCS7CreateEncryptObject and NSS_CMSCipherContext_StartEncrypt on failure
Status: Closed, RESOLVED FIXED (opened 12 years ago, closed 10 years ago)
Categories: NSS :: Libraries, defect
Tracking: Not tracked; Target Milestone: 3.21
People: Reporter: erahm; Assignee: Unassigned
References: Blocks 1 open bug
Details: Keywords: coverity; Whiteboard: [MemShrink:P3][CID 1202865][CID 1202869]
If the call to PK11_ParamToAlgid [1] fails, |ciphercx| is leaked.
[1] http://dxr.mozilla.org/mozilla-central/source/security/nss/lib/pkcs7/p7local.c#189,203-204
Comment 1•12 years ago
Same issue in NSS_CMSCipherContext_StartEncrypt.
http://dxr.mozilla.org/mozilla-central/source/security/nss/lib/smime/cmscipher.c?from=NSS_CMSCipherContext_StartEncrypt&case=true#163,180-181
Summary: Possible leak of |ciphercx| in sec_PKCS7CreateEncryptObject on failure → Possible leak of |ciphercx| in sec_PKCS7CreateEncryptObject and NSS_CMSCipherContext_StartEncrypt on failure
Whiteboard: [MemShrink][CID 1202865] → [MemShrink][CID 1202865][CID 1202869]
Updated•12 years ago
Whiteboard: [MemShrink][CID 1202865][CID 1202869] → [MemShrink:P3][CID 1202865][CID 1202869]
Updated•10 years ago
Blocks: nss-coverity
Updated•10 years ago
Summary: Possible leak of |ciphercx| in sec_PKCS7CreateEncryptObject and NSS_CMSCipherContext_StartEncrypt on failure → [CID 1202865][CID 1202869] Possible leak of |ciphercx| in sec_PKCS7CreateEncryptObject and NSS_CMSCipherContext_StartEncrypt on failure
Comment 2•10 years ago
Patch is at https://codereview.appspot.com/266430043
ciphercx has to be destroyed if ParamToAlgid fails.
Flags: needinfo?(martin.thomson)
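The error-path pattern this bug describes, as an added example (not NSS code and not the patch under review): a context is created, a later encoding step fails, and the early return must destroy the context. `CipherCtx`, `ctx_create`, `param_to_algid` and the fixed-size pool are hypothetical stand-ins, chosen so the leak can be counted and its exhaustion effect observed.

```c
#include <stddef.h>

/* Stand-ins for the NSS pieces named in the bug (hypothetical, not NSS code). */
#define POOL_SIZE 4
typedef struct { int in_use; } CipherCtx;
typedef struct { CipherCtx *cx; } CipherObj;
static CipherCtx pool[POOL_SIZE];      /* fixed pool makes a leak observable */

static CipherCtx *ctx_create(void) {
    for (int i = 0; i < POOL_SIZE; i++)
        if (!pool[i].in_use) { pool[i].in_use = 1; return &pool[i]; }
    return NULL;                        /* pool exhausted */
}
static void ctx_destroy(CipherCtx *cx) { if (cx) cx->in_use = 0; }

/* Number of contexts created but not yet destroyed. */
int live_contexts(void) {
    int n = 0;
    for (int i = 0; i < POOL_SIZE; i++) n += pool[i].in_use;
    return n;
}

/* Models a parameter-to-AlgorithmID encoding step that can fail. */
static int param_to_algid(int param_ok) { return param_ok ? 0 : -1; }

/* Shape of the reported defect: the early return drops the only reference. */
int start_encrypt_leaky(CipherObj *out, int param_ok) {
    CipherCtx *cx = ctx_create();
    if (cx == NULL) return -1;
    if (param_to_algid(param_ok) != 0)
        return -1;                      /* cx is never destroyed */
    out->cx = cx;
    return 0;
}

/* Fixed shape: destroy the context before returning on failure. */
int start_encrypt_fixed(CipherObj *out, int param_ok) {
    CipherCtx *cx = ctx_create();
    if (cx == NULL) return -1;
    if (param_to_algid(param_ok) != 0) {
        ctx_destroy(cx);
        return -1;
    }
    out->cx = cx;
    return 0;
}

/* Caller-side teardown for a successfully started object. */
void finish(CipherObj *obj) { ctx_destroy(obj->cx); obj->cx = NULL; }
```

With the leaky variant, `POOL_SIZE` failed calls leave every slot in use, so a later call with valid parameters also fails; the fixed variant keeps the live count at zero across any number of failures.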
Comment 3•10 years ago
A few tweaks needed, also, +ekr.
Flags: needinfo?(martin.thomson) → needinfo?(ekr)
Comment 4•10 years ago
Flags: needinfo?(martin.thomson)
Comment 5•10 years ago
https://hg.mozilla.org/projects/nss/rev/93441bfdc891
Note for future reference: Rietveld screws up patches with multiple changesets in subtle and dangerous ways. If you have multiple changesets, please upload patches to bugzilla as well.
Status: NEW → RESOLVED
Closed: 10 years ago
Flags: needinfo?(martin.thomson)
Flags: needinfo?(ekr)
Resolution: --- → FIXED
Target Milestone: --- → 3.21