Closed Bug 1256268 Opened 8 years ago Closed 8 years ago

Resource leaks in fipstest.c

Categories

(NSS :: Test, defect)

Product:
NSS
Component:
Test
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(firefox48 affected)

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
firefox48 --- affected

People

(Reporter: franziskus, Assigned: franziskus)

References

(Blocks 1 open bug)

Details

(Keywords: coverity, Whiteboard: CID 1355468, CID 983285, CID 983283, CID 983282, CID 1355469, CID 1355467)

Attachments

(2 files)

fixing-resource-leaks.patch
1.80 KB, patch
ttaubert
: review+
Details | Diff | Splinter Review
pk1sign-fixup.patch
3.06 KB, patch
ttaubert
: review+
Details | Diff | Splinter Review 
The file fipstest.c contains multiple resource leaks in function drbg, i.e. the loser label does not free any variables.

* predictedreturn_bytes (CID 1355468)
* additionalInput (CID 983285)
* personalizationString (CID 983284)
* nonce (CID 983283)
* entropyInput (CID 983282)
* predictedreturn_bytes (CID 1355468)
* return_bytes (CID 1355467)
adding CID 1355469 in pk1sign.c (data in SignFile is not freed)
Whiteboard: CID 1355468, CID 983285, CID 983283, CID 983282, CID 1355468, CID 1355467 → CID 1355468, CID 983285, CID 983283, CID 983282, CID 1355469, CID 1355467
Assignee: nobody → franziskuskiefer

        Attachment #8732840 -
        Flags: review?(ttaubert)

    
    

    
  
Comment on attachment 8732840 [details] [diff] [review]
fixing-resource-leaks.patch

Review of attachment 8732840 [details] [diff] [review]:
-----------------------------------------------------------------

::: cmd/pk1sign/pk1sign.c
@@ +162,5 @@
>      ExportPublicKey(outFile, cert);
>      
>      SECKEY_DestroyPrivateKey(privKey);
>      PORT_FreeArena(arena, PR_FALSE);
> +    PORT_Free(data);

There are a few "return -1" lines in this function where we return early upon error. Looks like we'd leak the arena and the private key then, maybe we should come back later and rewrite this in C-style using the "goto loser" pattern.

        Attachment #8732840 -
        Flags: review?(ttaubert) → review+

    
    

    
  


  
follow up to make SignFile free all the things on return.

        Attachment #8732875 -
        Flags: review?(ttaubert)

        Attachment #8732875 -
        Flags: review?(ttaubert) → review+

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: