Closed Bug 325305 Opened 15 years ago Closed 15 years ago

minor memory leak in CERT_FindCertByNameString

Categories

(NSS :: Libraries, defect, P1)

3.11
defect

Tracking

(Not tracked)

RESOLVED FIXED
3.11.1

People

(Reporter: alvolkov.bgs, Assigned: alvolkov.bgs)

Details

(Keywords: memory-leak)

Attachments

(1 file, 2 obsolete files)

CERT_FindCertByNameString leaks memory in case when encoding is unsuccessful.
"name" should be destroyed by CERT_DestroyName(name) before exiting the function
Keywords: mlk
Summary: miner memory leak in CERT_FindCertByNameString → minor memory leak in CERT_FindCertByNameString
Alexei, thanks for finding these bugs.  
Since you've done the hard work (finding the bugs), 
please attach patches to fix them.
Assignee: wtchang → alexei.volkov.bugs
Target Milestone: --- → 3.11.1
Version: 3.11.1 → 3.11
Attached patch patch (obsolete) — Splinter Review
Attachment #210409 - Flags: review?(julien.pierre.bugs)
Comment on attachment 210409 [details] [diff] [review]
patch

Alexei, with this patch, you also need to initialize 'name' to NULL.

An alternative fix is to simply move the
CERT_DestroyName(name) call up so that it is
right below the SEC_ASN1EncodeItem call (the
last use of 'name').
Attachment #210409 - Flags: review?(julien.pierre.bugs) → review-
Attached patch patch v2 (obsolete) — Splinter Review
changing patch to fix the bug with one line fix as suggested by Wan-Teh.
Attachment #210409 - Attachment is obsolete: true
Attachment #210421 - Flags: review?(wtchang)
Comment on attachment 210421 [details] [diff] [review]
patch v2

r=wtc.
Attachment #210421 - Flags: review?(wtchang) → review+
Attachment #210424 - Flags: review?(wtchang)
Comment on attachment 210424 [details] [diff] [review]
alternative, less risky way to fix it.

r=wtc.
Attachment #210424 - Flags: review?(wtchang) → review+
#3 patch was integrated with

Checking in certhigh.c;
/cvsroot/mozilla/security/nss/lib/certhigh/certhigh.c,v  <--  certhigh.c
new revision: 1.35; previous revision: 1.34
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Alexei,

Your checkin was to the tip which is 3.12. The bug is currently targeted for 3.11.1. If you want it to go in that release, then you need to make an additional checkin to NSS_LIBPKIX_BRANCH .
Priority: -- → P2
Of course I meant the NSS_3_11_BRANCH, not libpkix ;).
Got it in for 3.11

Checking in certhigh.c;
/cvsroot/mozilla/security/nss/lib/certhigh/certhigh.c,v  <--  certhigh.c
new revision: 1.34.2.1; previous revision: 1.34
Priority: P2 → --
Attachment #210421 - Attachment is obsolete: true
Attachment #210421 - Attachment description: patch → patch v2
Priority: -- → P1
You need to log in before you can comment on or make changes to this bug.