Resource leaks in fipstest.c

RESOLVED FIXED

Status

NSS
Test

People

(Reporter: fkiefer, Assigned: fkiefer)

Tracking

(Blocks: 1 bug, {coverity})

trunk
coverity

Firefox Tracking Flags

(firefox48 affected)

Details

(Whiteboard: CID 1355468, CID 983285, CID 983283, CID 983282, CID 1355469, CID 1355467)

Attachments

(2 attachments)

The file fipstest.c contains multiple resource leaks in function drbg, i.e. the loser label does not free any variables.

* predictedreturn_bytes (CID 1355468)
* additionalInput (CID 983285)
* personalizationString (CID 983284)
* nonce (CID 983283)
* entropyInput (CID 983282)
* predictedreturn_bytes (CID 1355468)
* return_bytes (CID 1355467)
Adding CID 1355469 in pk1sign.c (data in SignFile is not freed).
Whiteboard: CID 1355468, CID 983285, CID 983283, CID 983282, CID 1355468, CID 1355467 → CID 1355468, CID 983285, CID 983283, CID 983282, CID 1355469, CID 1355467
Created attachment 8732840
fixing-resource-leaks.patch
Assignee: nobody → franziskuskiefer
Attachment #8732840 - Flags: review?(ttaubert)
Comment on attachment 8732840
fixing-resource-leaks.patch

Review of attachment 8732840:
-----------------------------------------------------------------

::: cmd/pk1sign/pk1sign.c
@@ +162,5 @@
>      ExportPublicKey(outFile, cert);
>      
>      SECKEY_DestroyPrivateKey(privKey);
>      PORT_FreeArena(arena, PR_FALSE);
> +    PORT_Free(data);
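
Review bot: the new PORT_Free(data) at the end of this hunk sits only in the fall-through cleanup after ExportPublicKey, so any exit taken before this block would skip it together with SECKEY_DestroyPrivateKey(privKey) and PORT_FreeArena(arena, PR_FALSE). Consider initialising data, arena and privKey to NULL and routing every exit through a single cleanup label that holds these three calls. Please also confirm that data is a separate heap allocation and not carved from arena, since it is released here after the arena has already been freed.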

There are a few "return -1" lines in this function where we return early upon error. Looks like we'd leak the arena and the private key then, maybe we should come back later and rewrite this in C-style using the "goto loser" pattern.
Attachment #8732840 - Flags: review?(ttaubert) → review+
Created attachment 8732875
pk1sign-fixup.patch

Follow-up to make SignFile free all the things on return.
Attachment #8732875 - Flags: review?(ttaubert)
Attachment #8732875 - Flags: review?(ttaubert) → review+
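
The "goto loser" cleanup pattern mentioned in the review, set beside the early-return shape it replaces, as an added example that is not NSS code and not taken from either patch. `track_alloc`/`track_free` are constructed stand-ins for an allocator pair such as PORT_Alloc/PORT_Free, and both `sign_*` routines are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-ins for an alloc/free pair; live blocks stay recorded. */
static void *slots[16]; static int live;
static void *track_alloc(size_t n) {
    void *p = live < 16 ? malloc(n) : NULL;
    if (p) slots[live++] = p;
    return p;
}
static void track_free(void *p) {              /* NULL-safe, like free() */
    for (int i = 0; p && i < live; i++)
        if (slots[i] == p) { slots[i] = slots[--live]; free(p); return; }
}

/* Hypothetical routine; fail_at picks the failing step (0 = success). */
static int sign_early_return(int fail_at) {
    char *data = track_alloc(64);
    if (!data || fail_at == 1) return -1;      /* leaks data */
    char *key = track_alloc(32);
    if (!key || fail_at == 2) return -1;       /* leaks data, and key if set */
    track_free(key); track_free(data);
    return 0;
}

/* Same routine with one exit: pointers start NULL, loser frees them all. */
static int sign_goto_loser(int fail_at) {
    int rv = -1;
    char *data = NULL, *key = NULL;
    data = track_alloc(64);
    if (!data || fail_at == 1) goto loser;
    key = track_alloc(32);
    if (!key || fail_at == 2) goto loser;
    rv = 0;
loser:
    track_free(key); track_free(data);
    return rv;
}

/* Run the success path and each failure path; return blocks still live. */
static int leaked_after(int (*fn)(int)) {
    while (live) track_free(slots[0]);         /* reset the tracker */
    for (int step = 0; step <= 2; step++) fn(step);
    return live;
}
int main(void) {
    printf("early return: %d leaked\n", leaked_after(sign_early_return));
    printf("goto loser:   %d leaked\n", leaked_after(sign_goto_loser));
    return 0;
}
```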
https://hg.mozilla.org/projects/nss/rev/3e097ed7969a
https://hg.mozilla.org/projects/nss/rev/e859db13b9da
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED