Closed
Bug 351769
Opened 18 years ago
Closed 17 years ago
pk12util leaks password strings
Categories
(NSS :: Tools, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.11.8
People
(Reporter: nelson, Assigned: neil.williams)
Details
(Keywords: memory-leak)
In function P12U_GetP12FilePassword of pk12util, we find this loop:
for (;;) {
p0 = SECU_GetPasswordString(NULL,
"Enter password for PKCS12 file: ");
if (!confirmPw)
break;
p1 = SECU_GetPasswordString(NULL, "Re-enter password: ");
if (PL_strcmp(p0, p1) == 0)
break;
}
SECU_GetPasswordString returns a strdup'ed string. If the two strings
(p0 and p1) don't match, the loop repeats without zeroing and freeing
the just-gotten values, leaking them.
|
Reporter | |
Comment 1•18 years ago
|
||
Worse, this loop doesn't check p0 or p1 for being non-NULL before
passing their values to PL_strcmp. Boom.
|
Assignee | |
Updated•18 years ago
|
Status: NEW → ASSIGNED
Priority: -- → P2
Target Milestone: --- → 3.11.4
|
|
Assignee | |
Updated•17 years ago
|
Target Milestone: 3.11.4 → 3.11.8
|
|
Assignee | |
Comment 2•17 years ago
|
||
Fixed by patches to bug 351767.
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Comment 3•17 years ago
|
||
Neil, bug 351767 was fixed in 3.11.7, but this bug is targetted at 3.11.8.
which is correct?
You need to log in
before you can comment on or make changes to this bug.
Description
•