Closed Bug 325305 Opened 15 years ago Closed 15 years ago
minor memory leak in CERT
_Find Cert By Name String
CERT_FindCertByNameString leaks memory in case when encoding is unsuccessful.
"name" should be destroyed by CERT_DestroyName(name) before exiting the function
Summary: miner memory leak in CERT_FindCertByNameString → minor memory leak in CERT_FindCertByNameString
Alexei, thanks for finding these bugs. Since you've done the hard work (finding the bugs), please attach patches to fix them.
Assignee: wtchang → alexei.volkov.bugs
Target Milestone: --- → 3.11.1
Comment on attachment 210409 [details] [diff] [review] patch Alexei, with this patch, you also need to initialize 'name' to NULL. An alternative fix is to simply move the CERT_DestroyName(name) call up so that it is right below the SEC_ASN1EncodeItem call (the last use of 'name').
Attachment #210409 - Flags: review?(julien.pierre.bugs) → review-
changing patch to fix the bug with one line fix as suggested by Wan-Teh.
Comment on attachment 210421 [details] [diff] [review] patch v2 r=wtc.
Attachment #210421 - Flags: review?(wtchang) → review+
Comment on attachment 210424 [details] [diff] [review] alternative, less risky way to fix it. r=wtc.
Attachment #210424 - Flags: review?(wtchang) → review+
#3 patch was integrated with Checking in certhigh.c; /cvsroot/mozilla/security/nss/lib/certhigh/certhigh.c,v <-- certhigh.c new revision: 1.35; previous revision: 1.34
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Alexei, Your checkin was to the tip which is 3.12. The bug is currently targeted for 3.11.1. If you want it to go in that release, then you need to make an additional checkin to NSS_LIBPKIX_BRANCH .
Priority: -- → P2
Of course I meant the NSS_3_11_BRANCH, not libpkix ;).
Got it in for 3.11 Checking in certhigh.c; /cvsroot/mozilla/security/nss/lib/certhigh/certhigh.c,v <-- certhigh.c new revision: 188.8.131.52; previous revision: 1.34
Priority: P2 → --
Attachment #210421 - Attachment description: patch → patch v2
You need to log in before you can comment on or make changes to this bug.