Closed Bug 337326 Opened 19 years ago Closed 19 years ago

Coverity Leak in nsslowcert_UpdateSubjectEmailAddr (security/nss/lib/softoken/pcertdb.c)

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.11.2

People

(Reporter: kherron+mozilla, Assigned: alvolkov.bgs)

References

(
URL
)

Details

(Keywords: coverity, Whiteboard: [CID 581] FIPS)

Attachments

(1 file, 1 obsolete file)

prev patch, but with restored "if"s
2.35 KB, patch
nelson
: review+
Details | Diff | Splinter Review
Please refer to the sample URL. At line 2699, |nsslowcert_FixupEmailAddr| allocates a copy of |emailAddr| and returns a pointer to it, which is stored in |emailAddr|. At lines 2723 and 2733, the function can return without freeing this copy.
Whiteboard: [good first bug]
Target Milestone: --- → 3.11.2
Priority: -- → P2
Assignee: nobody → alexei.volkov.bugs
Whiteboard: [good first bug] → [good first bug] PKIX
Whiteboard: [good first bug] PKIX → [good first bug] FIPS
Attached patch Fix for the problem (obsolete) — Splinter Review
Attachment #222285 - Flags: review?(nelson)
Comment on attachment 222285 [details] [diff] [review] Fix for the problem There's one problem with this patch. In the original code, the interpretation of "index" was different depending on the "updateType". If updateType was nsslowcert_remove, then index == -1 meant a shortcut to success (don't have to do anything to remove the entry if it's not actually there). But if updateType was any other value besides nsslowcert_remove, then the shortcut to success is index != 1, the opposite of the other test. This patch substitutes (index == -1) as the shortcut for all updateTypes, which I believe causes all updateTypes except nsslowcert_remove to fail. So, r- for that. Otherwise, this patch was OK.
Attachment #222285 - Flags: review?(nelson) → review-
missread the code.
Attachment #222285 - Attachment is obsolete: true
Attachment #222386 - Flags: review?(nelson)
Comment on attachment 222386 [details] [diff] [review] prev patch, but with restored "if"s r=nelson
Attachment #222386 - Flags: review?(nelson) → review+
trunk: /cvsroot/mozilla/security/nss/lib/softoken/pcertdb.c,v <-- pcertdb.c new revision: 1.63; previous revision: 1.62 3.11 branch: /cvsroot/mozilla/security/nss/lib/softoken/pcertdb.c,v <-- pcertdb.c new revision: 1.53.2.10; previous revision: 1.53.2.9
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
CID 581
Whiteboard: [good first bug] FIPS → [CID 581] FIPS
Summary: Leak in nsslowcert_UpdateSubjectEmailAddr (security/nss/lib/softoken/pcertdb.c) → Coverity Leak in nsslowcert_UpdateSubjectEmailAddr (security/nss/lib/softoken/pcertdb.c)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: