Closed
Bug 339907
Opened 18 years ago
Closed 18 years ago
oaep_xor_with_h1 allocates and leaks sha1cx
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12
People
(Reporter: nelson, Assigned: sciguyryan)
References
()
Details
(Keywords: coverity, Whiteboard: FIPS [CID 577 912])
Attachments
(1 file)
691 bytes,
patch
|
nelson
:
review+
wtc
:
superreview+
|
Details | Diff | Splinter Review |
In nss/lib/softoken/rsawrapr.c, static function oaep_xor_with_h1 (which is probably DEAD CODE!) allocates a new SHA1cx and then leaks it. Coverity CID 912
Reporter | ||
Updated•18 years ago
|
Priority: -- → P3
Reporter | ||
Updated•18 years ago
|
Whiteboard: FIPS
Target Milestone: --- → 3.12
Assignee | ||
Updated•18 years ago
|
Assignee | ||
Comment 2•18 years ago
|
||
Patch v1. Call |SHA1_DestroyContext(sha1cx, PR_TRUE)| before |oaep_xor_with_h1| returns.
Assignee: nobody → sciguyryan+bugzilla
Status: NEW → ASSIGNED
Attachment #242648 -
Flags: superreview?(wtchang)
Attachment #242648 -
Flags: review?(nelson)
Reporter | ||
Comment 3•18 years ago
|
||
Comment on attachment 242648 [details] [diff] [review] Patch v1 r=nelson
Attachment #242648 -
Flags: review?(nelson) → review+
Comment 4•18 years ago
|
||
Comment on attachment 242648 [details] [diff] [review] Patch v1 r=wtc. I checked in this patch on the NSS trunk (NSS 3.12), with a space added to match the existing style in that function. Checking in rsawrapr.c; /cvsroot/mozilla/security/nss/lib/softoken/rsawrapr.c,v <-- rsawrapr.c new revision: 1.11; previous revision: 1.10 done
Attachment #242648 -
Flags: superreview?(wtchang) → superreview+
Updated•18 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•