Last Comment Bug 339907 - oaep_xor_with_h1 allocates and leaks sha1cx
: oaep_xor_with_h1 allocates and leaks sha1cx
Status: RESOLVED FIXED
FIPS [CID 577 912]
: coverity
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: 3.11.1
: All All
: P3 normal (vote)
: 3.12
Assigned To: Ryan Jones
:
Mentors:
http://bonsai.mozilla.org/cvsblame.cg...
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-31 21:08 PDT by Nelson Bolyard (seldom reads bugmail)
Modified: 2006-10-23 14:25 PDT (History)
2 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Patch v1 (691 bytes, patch)
2006-10-18 09:21 PDT, Ryan Jones
nelson: review+
wtc: superreview+
Details | Diff | Review

Description Nelson Bolyard (seldom reads bugmail) 2006-05-31 21:08:37 PDT
In nss/lib/softoken/rsawrapr.c, static function oaep_xor_with_h1
(which is probably DEAD CODE!) 
allocates a new SHA1cx and then leaks it. 

Coverity CID 912
Comment 1 Nelson Bolyard (seldom reads bugmail) 2006-06-10 22:17:51 PDT
Also CID 577
Comment 2 Ryan Jones 2006-10-18 09:21:17 PDT
Created attachment 242648 [details] [diff] [review]
Patch v1

Patch v1.

Call |SHA1_DestroyContext(sha1cx, PR_TRUE)| before |oaep_xor_with_h1| returns.
Comment 3 Nelson Bolyard (seldom reads bugmail) 2006-10-18 12:57:35 PDT
Comment on attachment 242648 [details] [diff] [review]
Patch v1

r=nelson
Comment 4 Wan-Teh Chang 2006-10-23 14:25:40 PDT
Comment on attachment 242648 [details] [diff] [review]
Patch v1

r=wtc.  I checked in this patch on the NSS trunk (NSS 3.12),
with a space added to match the existing style in that function.

Checking in rsawrapr.c;
/cvsroot/mozilla/security/nss/lib/softoken/rsawrapr.c,v  <--  rsawrapr.c
new revision: 1.11; previous revision: 1.10
done

Note You need to log in before you can comment on or make changes to this bug.