Memory leak of mp_int in ECPoints_mul

RESOLVED FIXED in 3.11

Status

NSS
Libraries
RESOLVED FIXED
13 years ago
13 years ago

People

(Reporter: Wan-Teh Chang, Assigned: Wan-Teh Chang)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

1.86 KB, patch
Douglas Stebila
: review+
Nelson Bolyard (seldom reads bugmail)
: superreview+
Details | Diff | Splinter Review
(Assignee)

Description

13 years ago
In mozilla/security/nss/lib/freebl/ecl/ecl_mult.c,
function ECPoints_mul, if k1p and k2p point to the
local mp_int variables k1t and k2t, we never call
mp_clear to free the memory associated with k1t and
k2t.

Also, when we go to the CLEANUP label on an error,
the local variables k1p and k2p may not have been
initialized, so they may be used uninitialized.

I will submit a patch that fixes both problems.
(Assignee)

Comment 1

13 years ago
Created attachment 191383 [details] [diff] [review]
Proposed patch
Attachment #191383 - Flags: superreview?(nelson)
Attachment #191383 - Flags: review?(vipul.gupta)
(Assignee)

Updated

13 years ago
Attachment #191383 - Flags: review?(vipul.gupta) → review?(mozilla.org)

Updated

13 years ago
Attachment #191383 - Flags: review?(mozilla.org) → review+
(Assignee)

Comment 2

13 years ago
Thanks for the code review, Douglas.  I checked in the
patch on the NSS trunk for NSS 3.11.
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.11
Attachment #191383 - Flags: superreview?(nelson) → superreview+
You need to log in before you can comment on or make changes to this bug.