Closed Bug 1549382 Opened 2 years ago Closed 2 years ago

PKCS#11 module leaks if C_GetSlotInfo() returns error

Categories

(NSS :: Libraries, defect, P1)

defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: ueno, Assigned: ueno)

Details

Attachments

(1 file)

SECMODModule is refcounted so it can be released only after all the slots belonging to the module are released. The finalization call sequence is:

SECMOD_DestroyModule(module) ->
PK11_FreeSlot(slot) ->
PK11_DestroySlot(slot) ->
SECMOD_SlotDestroyModule(slot->module, PR_TRUE), if slot->module is non-NULL

However, if a slot is not properly initialized, slot->module is not set and SECMOD_SlotDestroyModule() is never called for that slot. That results in leaking the module.

The attached patch makes sure that slot->module is always set, if slot is initialized with PK11_InitSlot().

Downstream bug: https://bugzilla.redhat.com/show_bug.cgi?id=1648351

Attachment #9062921 - Flags: review?(rrelyea)
Comment on attachment 9062921 [details] [diff] [review]
nss-module-leak.patch

Review of attachment 9062921 [details] [diff] [review]:
-----------------------------------------------------------------

Good catch Daiki.
Attachment #9062921 - Flags: review?(rrelyea) → review+
Assignee: nobody → dueno
Status: NEW → ASSIGNED
Priority: -- → P1
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.45
You need to log in before you can comment on or make changes to this bug.