Closed Bug 336475 Opened 18 years ago Closed 18 years ago

Coverity NSC_VerifyInit error paths don't free "info"

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Version:
3.11
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.11.2

People

(Reporter: timeless, Assigned: nelson)

References

(
URL
)

Details

(Keywords: coverity, memory-leak, Whiteboard: FIPS [CID 582])

Attachments

(1 file, 3 obsolete files)

free info in common error path
756 bytes, patch
alvolkov.bgs
: review+
wtc
: superreview+
Details | Diff | Splinter Review
Attached patch please detabify this file (obsolete) — Splinter Review 

    
    

    
  

      
      
      
      

        Attached patch
          
          
        stop leaking (obsolete)
        — Splinter Review
      

    


  
Assignee: nobody → timeless
Status: NEW → ASSIGNED

        Attachment #221175 -
        Flags: review?(nelson)

    
    

    
  
Comment on attachment 221172 [details] [diff] [review]
please detabify this file

The NSS standard coding convention uses tab stops every 8 columns, and indents every 4 columns, using tabs and/or sets of 4 spaces for indentation.

        Attachment #221172 -
        Flags: review-

    
    

    
  


  
This is the essential change contained in the above large patch.

        Attachment #221172 -
        Attachment is obsolete: true

        Attachment #221175 -
        Attachment is obsolete: true

        Attachment #221175 -
        Flags: review?(nelson)
Hardware: PC → All
Target Milestone: --- → 3.11.2

    
    

    
  
Appears that NONE of the error paths in NSC_VerifyInit free "info".
It should be freed in the one common error exit path.
OS: Linux → All
Priority: -- → P2
Summary: NSC_VerifyInit Returned without freeing storage "info" for key_type != CKK_RSA / CKR_KEY_TYPE_INCONSISTENT → NSC_VerifyInit error returns don't free "info"

    
    

    
  
Comment on attachment 221249 [details] [diff] [review]
above patch minus gratuitous whitespace changes

Let's catch this in the one error exit path common to all unsuccessful CRVs instead.

        Attachment #221249 -
        Flags: review-

    
    

    
  
*** Bug 337632 has been marked as a duplicate of this bug. ***
Summary: NSC_VerifyInit error returns don't free "info" → NSC_VerifyInit error paths don't free "info"

    
  
Assignee: timeless → alexei.volkov.bugs
Status: ASSIGNED → NEW
Whiteboard: PKIX

    
  
Assignee: alexei.volkov.bugs → nelson

    
  
Whiteboard: PKIX → FIPS

    
    

    
  


  
Alexei, Wan-Teh, 
please review this softoken patch for this coverity bug.

        Attachment #221249 -
        Attachment is obsolete: true

        Attachment #222410 -
        Flags: superreview?(wtchang)

        Attachment #222410 -
        Flags: review?(alexei.volkov.bugs)

    
    

    
  
Comment on attachment 222410 [details] [diff] [review]
free info in common error path

It will fix the problem. I also think that we should set "crv" in the two places from the url:

http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/softoken/pkcs11c.c&rev=1.81&mark=2229,2252#2227

        Attachment #222410 -
        Flags: review?(alexei.volkov.bugs) → review+

    
    

    
  
adding requested super-reviewer to cc list

    
    

    
  
I agree with comment 9.
Bob, what crv should be set in those two cases?

        Attachment #222410 -
        Attachment is obsolete: true

        Attachment #222410 -
        Flags: superreview?(wtchang)

    
    

    
  
Comment on attachment 222410 [details] [diff] [review]
free info in common error path

r=wtc.  crv is set by the preceding sftk_GetPubKey
call as an output parameter whether sftk_GetPubKey
succeeds or fails.

        Attachment #222410 -
        Flags: superreview+

    
    

    
  
Comment on attachment 222410 [details] [diff] [review]
free info in common error path

unobsoleting my patch (now that it has two reviews :)

        Attachment #222410 -
        Attachment is obsolete: false

    
    

    
  
Checking in pkcs11c.c; new revision: 1.82; previous revision: 1.81
Checking in pkcs11c.c; new revision: 1.68.2.12; previous revision: 1.68.2.11
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED

    
    

    
  
CID 582
Whiteboard: FIPS → FIPS [CID 582]

    
  
Summary: NSC_VerifyInit error paths don't free "info" → Coverity NSC_VerifyInit error paths don't free "info"

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: