Memory leak in on sid->peerID in ssl_DecodeResumptionToken
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
People
(Reporter: kjacobs, Assigned: kjacobs)
References
Details
Attachments
(1 file)
Bug 1607257 reports memory leaks when using external token caching. In SSLExp_SetResumptionToken
, ssl3_NewSessionID
allocates sid->peerID
then ssl_DecodeResumptionToken
does it again (via PORT_Strdup) without freeing.
Confirmed via https://treeherder.mozilla.org/#/jobs?repo=try&revision=adecc16291e291121ca2456cc5962928044177dc and https://treeherder.mozilla.org/#/jobs?repo=try&revision=9dadb29155c738a9bbba9bc9dc12aec641a355fc
It looks like gtests miss this case by not setting a peerID on the socket.
Assignee | ||
Comment 1•5 years ago
|
||
This patch adds a missing PORT_Free()
when reallocating sid->PeerID
, and adds a test for a non-empty PeerID.
Assignee | ||
Comment 2•5 years ago
|
||
Comment 3•5 years ago
|
||
Hi Kevin,
Do you know when will this change be uplifted to mc?
If possible, I'd like to enable SSLTokensCache in next release cycle.
Thanks.
Assignee | ||
Comment 4•5 years ago
|
||
It was uplifted yesterday, though Searchfox hasn't updated yet: https://hg.mozilla.org/mozilla-central/rev/b356f4fe601fe1ceeaf4081b409944569ecaaa34
Description
•