Coverity Leak in OpenNewDB (security/nss/lib/softoken/keydb.c)

RESOLVED FIXED in 3.11.2

Status

NSS
Libraries
P2
normal
RESOLVED FIXED
12 years ago
12 years ago

People

(Reporter: Kenneth Herron, Assigned: Alexei Volkov)

Tracking

({coverity})

unspecified
3.11.2
coverity

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [CID 580] FIPS, URL)

Attachments

(1 attachment)

987 bytes, patch
Nelson Bolyard (seldom reads bugmail)
: review+
Details | Diff | Splinter Review
(Reporter)

Description

12 years ago
Please refer to the sample URL. At line 945, |nsslowkey_NewHandle| is called which allocates a handle. The same function is called again at line 954, overwriting the pointer to the first allocation. It looks like the first call is just a mistake.
(Reporter)

Updated

12 years ago
Whiteboard: [good first bug]
Target Milestone: --- → 3.11.2
Priority: -- → P2
(Assignee)

Updated

12 years ago
Assignee: nobody → alexei.volkov.bugs
Whiteboard: [good first bug] → [good first bug] PKIX
(Assignee)

Updated

12 years ago
Whiteboard: [good first bug] PKIX → [good first bug] FIPS
(Assignee)

Comment 1

12 years ago
Created attachment 222286 [details] [diff] [review]
remove first init of "updateHandle"
Attachment #222286 - Flags: review?(nelson)
Comment on attachment 222286 [details] [diff] [review]
remove first init of "updateHandle"

r=nelson
Attachment #222286 - Flags: review?(nelson) → review+
(Assignee)

Comment 3

12 years ago
trunk
/cvsroot/mozilla/security/nss/lib/softoken/keydb.c,v  <--  keydb.c
new revision: 1.45; previous revision: 1.44

3.11 branch
/cvsroot/mozilla/security/nss/lib/softoken/keydb.c,v  <--  keydb.c
new revision: 1.40.2.3; previous revision: 1.40.2.2

Status: NEW → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → FIXED
CID 580
Whiteboard: [good first bug] FIPS → [CID 580] FIPS

Updated

12 years ago
Summary: Leak in OpenNewDB (security/nss/lib/softoken/keydb.c) → Coverity Leak in OpenNewDB (security/nss/lib/softoken/keydb.c)
You need to log in before you can comment on or make changes to this bug.