New coverity issues in Snapshot 164257

RESOLVED FIXED

Status

NSS
Libraries
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: fkiefer, Assigned: fkiefer)

Tracking

(Blocks: 1 bug, {coverity})

trunk
coverity

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [CID 1362973][CID 1362974][CID 1362975][CID 1362976])

Attachments

(1 attachment)

** CID 1362976:  Resource leaks  (RESOURCE_LEAK)
/cmd/ecperf/ecperf.c: 577 in ectest_curve_freebl()


________________________________________________________________________________________________________
*** CID 1362976:  Resource leaks  (RESOURCE_LEAK)
/cmd/ecperf/ecperf.c: 577 in ectest_curve_freebl()
571         arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
572         if (!arena) {
573             return SECFailure;
574         }
575
576         if ((curve < ECCurve_noName) || (curve > ECCurve_pastLastCurve)) {
>>>     CID 1362976:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "arena" going out of scope leaks the storage it points to.
577             return SECFailure;
578         }
579
580         ecParams.name = curve;
581         ecParams.type = ec_params_named;
582         ecParams.curveOID.data = NULL;

** CID 1362975:  Resource leaks  (RESOURCE_LEAK)
/cmd/ecperf/ecperf.c: 298 in hexString2SECItem()


________________________________________________________________________________________________________
*** CID 1362975:  Resource leaks  (RESOURCE_LEAK)
/cmd/ecperf/ecperf.c: 298 in hexString2SECItem()
292         /* skip leading 00's unless the hex string is "00" */
293         while ((tmp > 2) && (str[0] == '0') && (str[1] == '0')) {
294             str += 2;
295             tmp -= 2;
296         }
297
>>>     CID 1362975:  Resource leaks  (RESOURCE_LEAK)
>>>     Failing to save or free storage allocated by "SECITEM_AllocItem_Util(arena, item, tmp / 2)" leaks it.
298         if (SECITEM_AllocItem(arena, item, tmp / 2) == NULL) {
299             return NULL;
300         }
301
302         while (str[i]) {
303             if ((str[i] >= '0') && (str[i] <= '9'))

** CID 1362974:    (NULL_RETURNS)
/cmd/bltest/blapitest.c: 3300 in dump_file()
/cmd/bltest/blapitest.c: 3300 in dump_file()
/cmd/bltest/blapitest.c: 3300 in dump_file()


________________________________________________________________________________________________________
*** CID 1362974:    (NULL_RETURNS)
/cmd/bltest/blapitest.c: 3300 in dump_file()
3294
3295     SECStatus
3296     dump_file(bltestCipherMode mode, char *filename)
3297     {
3298         bltestIO keydata;
3299         PLArenaPool *arena = NULL;
>>>     CID 1362974:    (NULL_RETURNS)
>>>     Assigning: "arena" = null return value from "PORT_NewArena_Util".
3300         arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
3301         if (mode == bltestRSA || mode == bltestRSA_PSS || mode == bltestRSA_OAEP) {
3302             RSAPrivateKey *key;
3303             load_file_data(arena, &keydata, filename, bltestBase64Encoded);
3304             key = rsakey_from_filedata(arena, &keydata.buf);
3305             dump_rsakey(key);
/cmd/bltest/blapitest.c: 3300 in dump_file()
3294
3295     SECStatus
3296     dump_file(bltestCipherMode mode, char *filename)
3297     {
3298         bltestIO keydata;
3299         PLArenaPool *arena = NULL;
>>>     CID 1362974:    (NULL_RETURNS)
>>>     Assigning: "arena" = null return value from "PORT_NewArena_Util".
3300         arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
3301         if (mode == bltestRSA || mode == bltestRSA_PSS || mode == bltestRSA_OAEP) {
3302             RSAPrivateKey *key;
3303             load_file_data(arena, &keydata, filename, bltestBase64Encoded);
3304             key = rsakey_from_filedata(arena, &keydata.buf);
3305             dump_rsakey(key);
/cmd/bltest/blapitest.c: 3300 in dump_file()
3294
3295     SECStatus
3296     dump_file(bltestCipherMode mode, char *filename)
3297     {
3298         bltestIO keydata;
3299         PLArenaPool *arena = NULL;
>>>     CID 1362974:    (NULL_RETURNS)
>>>     Assigning: "arena" = null return value from "PORT_NewArena_Util".
3300         arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
3301         if (mode == bltestRSA || mode == bltestRSA_PSS || mode == bltestRSA_OAEP) {
3302             RSAPrivateKey *key;
3303             load_file_data(arena, &keydata, filename, bltestBase64Encoded);
3304             key = rsakey_from_filedata(arena, &keydata.buf);
3305             dump_rsakey(key);

** CID 1362973:  Error handling issues  (CHECKED_RETURN)
/lib/ssl/sslsock.c: 263 in ssl_DupSocket()


________________________________________________________________________________________________________
*** CID 1362973:  Error handling issues  (CHECKED_RETURN)
/lib/ssl/sslsock.c: 263 in ssl_DupSocket()
257         if (!ss) {
258             return NULL;
259         }
260
261         ss->opt = os->opt;
262         ss->opt.useSocks = PR_FALSE;
>>>     CID 1362973:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "SECITEM_CopyItem_Util" without checking return value (as is done elsewhere 263 out of 300 times).
263         SECITEM_CopyItem(NULL, &ss->opt.nextProtoNego, &os->opt.nextProtoNego);
264         ss->vrange = os->vrange;
265
266         ss->peerID = !os->peerID ? NULL : PORT_Strdup(os->peerID);
267         ss->url = !os->url ? NULL : PORT_Strdup(os->url);
268
Created attachment 8767055 [details] [diff] [review]
coverity-issues-164257.patch
Assignee: nobody → franziskuskiefer
Attachment #8767055 - Flags: review?(ttaubert)
Attachment #8767055 - Flags: review?(martin.thomson)
Attachment #8767055 - Flags: review?(ttaubert) → review+
https://hg.mozilla.org/projects/nss/rev/f5ccd8a62ebf
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
Attachment #8767055 - Flags: review?(martin.thomson)
You need to log in before you can comment on or make changes to this bug.