Closed Bug 336475 Opened 19 years ago Closed 19 years ago

Coverity NSC_VerifyInit error paths don't free "info"

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Version:
3.11
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.11.2

People

(Reporter: timeless, Assigned: nelson)

References

(
URL
)

Details

(Keywords: coverity, memory-leak, Whiteboard: FIPS [CID 582])

Attachments

(1 file, 3 obsolete files)

free info in common error path
756 bytes, patch
alvolkov.bgs
: review+
wtc
: superreview+
Details | Diff | Splinter Review
Attached patch please detabify this file (obsolete) — Splinter Review
Attached patch stop leaking (obsolete) — Splinter Review
Assignee: nobody → timeless
Status: NEW → ASSIGNED
Attachment #221175 - Flags: review?(nelson)
Comment on attachment 221172 [details] [diff] [review] please detabify this file The NSS standard coding convention uses tab stops every 8 columns, and indents every 4 columns, using tabs and/or sets of 4 spaces for indentation.
Attachment #221172 - Flags: review-
This is the essential change contained in the above large patch.
Attachment #221172 - Attachment is obsolete: true
Attachment #221175 - Attachment is obsolete: true
Attachment #221175 - Flags: review?(nelson)
Hardware: PC → All
Target Milestone: --- → 3.11.2
Appears that NONE of the error paths in NSC_VerifyInit free "info". It should be freed in the one common error exit path.
OS: Linux → All
Priority: -- → P2
Summary: NSC_VerifyInit Returned without freeing storage "info" for key_type != CKK_RSA / CKR_KEY_TYPE_INCONSISTENT → NSC_VerifyInit error returns don't free "info"
Comment on attachment 221249 [details] [diff] [review] above patch minus gratuitous whitespace changes Let's catch this in the one error exit path common to all unsuccessful CRVs instead.
Attachment #221249 - Flags: review-
*** Bug 337632 has been marked as a duplicate of this bug. ***
Summary: NSC_VerifyInit error returns don't free "info" → NSC_VerifyInit error paths don't free "info"
Assignee: timeless → alexei.volkov.bugs
Status: ASSIGNED → NEW
Whiteboard: PKIX
Assignee: alexei.volkov.bugs → nelson
Whiteboard: PKIX → FIPS
Alexei, Wan-Teh, please review this softoken patch for this coverity bug.
Attachment #221249 - Attachment is obsolete: true
Attachment #222410 - Flags: superreview?(wtchang)
Attachment #222410 - Flags: review?(alexei.volkov.bugs)
Comment on attachment 222410 [details] [diff] [review] free info in common error path It will fix the problem. I also think that we should set "crv" in the two places from the url: http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/softoken/pkcs11c.c&rev=1.81&mark=2229,2252#2227
Attachment #222410 - Flags: review?(alexei.volkov.bugs) → review+
adding requested super-reviewer to cc list
I agree with comment 9. Bob, what crv should be set in those two cases?
Attachment #222410 - Attachment is obsolete: true
Attachment #222410 - Flags: superreview?(wtchang)
Comment on attachment 222410 [details] [diff] [review] free info in common error path r=wtc. crv is set by the preceding sftk_GetPubKey call as an output parameter whether sftk_GetPubKey succeeds or fails.
Attachment #222410 - Flags: superreview+
Comment on attachment 222410 [details] [diff] [review] free info in common error path unobsoleting my patch (now that it has two reviews :)
Attachment #222410 - Attachment is obsolete: false
Checking in pkcs11c.c; new revision: 1.82; previous revision: 1.81 Checking in pkcs11c.c; new revision: 1.68.2.12; previous revision: 1.68.2.11
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
CID 582
Whiteboard: FIPS → FIPS [CID 582]
Summary: NSC_VerifyInit error paths don't free "info" → Coverity NSC_VerifyInit error paths don't free "info"
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: