The default bug view has changed. See this FAQ.

oaep_xor_with_h1 allocates and leaks sha1cx

RESOLVED FIXED in 3.12

Status

NSS
Libraries
P3
normal
RESOLVED FIXED
11 years ago
11 years ago

People

(Reporter: Nelson Bolyard (seldom reads bugmail), Assigned: Ryan Jones)

Tracking

({coverity})

3.11.1
3.12
coverity

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: FIPS [CID 577 912], URL)

Attachments

(1 attachment)

691 bytes, patch
Nelson Bolyard (seldom reads bugmail)
: review+
Wan-Teh Chang
: superreview+
Details | Diff | Splinter Review
In nss/lib/softoken/rsawrapr.c, static function oaep_xor_with_h1
(which is probably DEAD CODE!) 
allocates a new SHA1cx and then leaks it. 

Coverity CID 912
(Reporter)

Updated

11 years ago
Priority: -- → P3
(Reporter)

Updated

11 years ago
Whiteboard: FIPS
Target Milestone: --- → 3.12
(Reporter)

Comment 1

11 years ago
Also CID 577
Whiteboard: FIPS → FIPS [CID 577 912]
(Assignee)

Updated

11 years ago
(Assignee)

Comment 2

11 years ago
Created attachment 242648 [details] [diff] [review]
Patch v1

Patch v1.

Call |SHA1_DestroyContext(sha1cx, PR_TRUE)| before |oaep_xor_with_h1| returns.
Assignee: nobody → sciguyryan+bugzilla
Status: NEW → ASSIGNED
Attachment #242648 - Flags: superreview?(wtchang)
Attachment #242648 - Flags: review?(nelson)
(Reporter)

Comment 3

11 years ago
Comment on attachment 242648 [details] [diff] [review]
Patch v1

r=nelson
Attachment #242648 - Flags: review?(nelson) → review+

Comment 4

11 years ago
Comment on attachment 242648 [details] [diff] [review]
Patch v1

r=wtc.  I checked in this patch on the NSS trunk (NSS 3.12),
with a space added to match the existing style in that function.

Checking in rsawrapr.c;
/cvsroot/mozilla/security/nss/lib/softoken/rsawrapr.c,v  <--  rsawrapr.c
new revision: 1.11; previous revision: 1.10
done
Attachment #242648 - Flags: superreview?(wtchang) → superreview+

Updated

11 years ago
Status: ASSIGNED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.