Closed
Bug 391773
Opened 18 years ago
Closed 17 years ago
CERTStatusConfig and ocspCheckingContext on default cert DB leaked on shutdown
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 403888
3.12
People
(Reporter: dbaron, Assigned: julien.pierre)
References
Details
(Keywords: memory-leak)
This bug is filed based on the NSS_3_12_ALPHA1B tag, which is what is currently used by the trunk of Firefox, etc.
The statusConfig and statusContext allocated in ocsp_InitStatusChecking for the default cert DB in Firefox trunk are not freed on shutdown. The following patch fixes the leak for me, although I'm not sure if it's the correct place/time to free them:
--- a/security/nss/lib/pki/trustdomain.c
+++ b/security/nss/lib/pki/trustdomain.c
@@ -131,6 +131,12 @@ NSSTrustDomain_Destroy (
{
PRStatus status = PR_SUCCESS;
if (--td->refCount == 0) {
+#ifdef NSS_3_4_CODE
+ if (td->statusConfig) {
+ td->statusConfig->statusDestroy(td->statusConfig);
+ td->statusConfig = NULL;
+ }
+#endif
/* Destroy each token in the list of tokens */
if (td->tokens) {
nssListIterator_Destroy(td->tokens);
|
||
Updated•18 years ago
|
Priority: -- → P2
Target Milestone: --- → 3.12
Version: 3.12 → 3.11
|
|
||
Comment 1•18 years ago
|
||
The fix for this bug should not be committed while it remains blocked by
bug 391815, and bug 391815 remains unresolved.
|
Assignee | |
Comment 2•17 years ago
|
||
These leaks only occur if CERT_EnableOCSPChecking is called.
Currently, only 3 programs in nss/cmd have an option to do it : ocspclnt, signtool, and vfyserv. And none of them have been tested for leaks in the past.
This is why this memory leak was not found by our automated leak testing.
|
|
Assignee | |
Updated•17 years ago
|
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•