Open Bug 1279934 Opened 9 years ago Updated 3 years ago

(coverity) resource leak: mailnews/mime/src/nsCMSSecureMessage.cpp: |data| is not freed on early return

Categories

(MailNews Core :: MIME, defect)

Product:
MailNews Core
Component:
MIME
Type:
defect

Tracking

(Not tracked)

People

(Reporter: ishikawa, Unassigned)

References

(Blocks 1 open bug,
URL
)

Details

(Keywords: coverity, Whiteboard: CID 749500)

Coverity found this: 2. Condition !value, taking false branch 118 if (!value) { return NS_ERROR_FAILURE; } 119 3. alloc_arg: decode allocates memory that is stored into data. [show details] 120 rv = decode(value, &data, &length); 4. Condition !!NS_FAILED_impl(rv), taking false branch 5. Condition !!NS_FAILED_impl(rv), taking false branch 6. Condition (bool)!!NS_FAILED_impl(rv), taking false branch 121 if (NS_FAILED(rv)) { 122 MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("nsCMSSecureMessage::DecodeCert - can't decode cert\n")); CID 749500 (#1 of 2): Resource leak (RESOURCE_LEAK) [select issue] 123 return rv; 124 } 125 126 nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID); 7. Condition !certdb.operator bool(), taking true branch 127 if (!certdb) { CID 749500 (#2 of 2): Resource leak (RESOURCE_LEAK)8. leaked_storage: Variable data going out of scope leaks the storage it points to. 128 return NS_ERROR_FAILURE; 129 } 130 Observation. decode() => PL_Base64Decoee() which allocates memory and |data| is released on a normal successful processing by 142 free((char*)data); So we should place |free((char*) data); jsut before the early return on line 128.
No! Make my comment read place |free((char*) data)| both before the early return on line 123 and line 128!
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.