Closed Bug 1289455 Opened 6 years ago Closed 6 years ago

Obviate manual CERT_DestroyCertificate() calls in PSM

Categories

(Core :: Security: PSM, defect, P1)

defect

Tracking

()

RESOLVED FIXED
mozilla51
Tracking Status
firefox51 --- fixed

People

(Reporter: Cykesiopka, Assigned: Cykesiopka)

References

Details

(Whiteboard: [psm-assigned])

Attachments

(1 file)

Less manual memory management is good.
Summary: Obviate CERT_DestroyCertificate() calls in PSM using UniqueCERTCertificate → Obviate manual CERT_DestroyCertificate() calls in PSM
Comment on attachment 8778372 [details]
Bug 1289455 - Obviate manual CERT_DestroyCertificate() calls in PSM.

https://reviewboard.mozilla.org/r/69690/#review67824

Great - r=me. Along these lines, I was thinking about making it so the array of nsMyTrustedEVInfo doesn't even need to keep a handle on each root certificate (comparing serial number, issuer, and sha-256 hash should be sufficient). This might save us a little bit of memory. Also, some of the code in ExtendedValidation.cpp could be improved, style-wise, but it really isn't urgent.
Attachment #8778372 - Flags: review?(dkeeler) → review+
Comment on attachment 8778372 [details]
Bug 1289455 - Obviate manual CERT_DestroyCertificate() calls in PSM.

https://reviewboard.mozilla.org/r/69690/#review67824

Thanks!

I played around with getting rid of the cert handle, but a naive removal didn't pass tests.
I'll poke around more and file a bug I guess.
https://treeherder.mozilla.org/#/jobs?repo=try&revision=b3697d4bcd39
(The oranges look like intermittents or failures from the base revision.)
Keywords: checkin-needed
Pushed by cbook@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/7afd32fc3da6
Obviate manual CERT_DestroyCertificate() calls in PSM. r=dkeeler
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/7afd32fc3da6
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla51
Depends on: 1307459
You need to log in before you can comment on or make changes to this bug.