Closed
Bug 1209541
Opened 10 years ago
Closed 10 years ago
[Coverity 1078803] Leak of memory or pointers to system resources in NSS_CMSSignerInfo_Verify
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(firefox44 affected)
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| firefox44 | --- | affected |
People
(Reporter: ttaubert, Assigned: ttaubert)
References
(Blocks 1 open bug)
Details
> if ((poolp = PORT_NewArena (1024)) == NULL) {
> vs = NSSCMSVS_ProcessingError;
> goto loser;
> }
>
> encoded_attrs.data = NULL;
> encoded_attrs.len = 0;
>
> if (NSS_CMSAttributeArray_Encode(poolp, &(signerinfo->authAttr),
> &encoded_attrs) == NULL ||
> encoded_attrs.data == NULL || encoded_attrs.len == 0) {
> vs = NSSCMSVS_ProcessingError;
> goto loser;
> }
>
> vs = (VFY_VerifyDataDirect(encoded_attrs.data, encoded_attrs.len,
> publickey, &(signerinfo->encDigest), pubkAlgTag,
> digestalgtag, NULL, signerinfo->cmsg->pwfn_arg) != SECSuccess)
> ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
>
> PORT_FreeArena(poolp, PR_FALSE); /* awkward memory management :-( */
11. alloc_fn: Storage is returned from allocation function PORT_NewArena_Util.
12. var_assign: Assigning: poolp = storage returned from PORT_NewArena_Util(1024UL).
14. noescape: Resource poolp is not freed or pointed-to in NSS_CMSAttributeArray_Encode.
18. leaked_storage: Variable poolp going out of scope leaks the storage it points to.
| Assignee | ||
Comment 1•10 years ago
|
||
Patch at: https://codereview.appspot.com/264540043
Assignee: nobody → ttaubert
Status: NEW → ASSIGNED
Flags: needinfo?(martin.thomson)
Flags: needinfo?(ekr)
Comment 3•10 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Flags: needinfo?(martin.thomson)
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•