Closed Bug 339907 Opened 18 years ago Closed 18 years ago

oaep_xor_with_h1 allocates and leaks sha1cx

Categories

(NSS :: Libraries, defect, P3)

Product:
NSS
Component:
Libraries
Version:
3.11.1
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: nelson, Assigned: sciguyryan)

References

(
URL
)

Details

(Keywords: coverity, Whiteboard: FIPS [CID 577 912])

Attachments

(1 file)

Patch v1
691 bytes, patch
nelson
: review+
wtc
: superreview+
Details | Diff | Splinter Review 
In nss/lib/softoken/rsawrapr.c, static function oaep_xor_with_h1
(which is probably DEAD CODE!) 
allocates a new SHA1cx and then leaks it. 

Coverity CID 912
Priority: -- → P3
Whiteboard: FIPS
Target Milestone: --- → 3.12
Also CID 577
Whiteboard: FIPS → FIPS [CID 577 912]
Attached patch Patch v1Splinter Review 
Patch v1.

Call |SHA1_DestroyContext(sha1cx, PR_TRUE)| before |oaep_xor_with_h1| returns.
Assignee: nobody → sciguyryan+bugzilla
Status: NEW → ASSIGNED
Attachment #242648 - Flags: superreview?(wtchang)
Attachment #242648 - Flags: review?(nelson)
Comment on attachment 242648 [details] [diff] [review]
Patch v1

r=nelson
Attachment #242648 - Flags: review?(nelson) → review+
Comment on attachment 242648 [details] [diff] [review]
Patch v1

r=wtc.  I checked in this patch on the NSS trunk (NSS 3.12),
with a space added to match the existing style in that function.

Checking in rsawrapr.c;
/cvsroot/mozilla/security/nss/lib/softoken/rsawrapr.c,v  <--  rsawrapr.c
new revision: 1.11; previous revision: 1.10
done
Attachment #242648 - Flags: superreview?(wtchang) → superreview+
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: