Closed
Bug 400711
Opened 18 years ago
Closed 18 years ago
SSL_CanBypass leaks memory
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.11.8
People
(Reporter: glenbeasley, Assigned: glenbeasley)
Details
Attachments
(1 file, 1 obsolete file)
|
541 bytes,
patch
|
nelson
:
review+
julien.pierre
:
superreview+
|
Details | Diff | Splinter Review |
reported by Sun engineer Meena Vyas
libumem shows this :
umem_alloc_160 leak: 2 buffers, 160 bytes each, 320 bytes total
ADDR BUFADDR TIMESTAMP THREAD CACHE
9bbc98 9b9628 1f9d80d3d4b6f0 1 2f008
libumem.so.1`umem_cache_alloc+0x210
libumem.so.1`umem_alloc+0x60
libumem.so.1`malloc+0x28
libnspr4.so`PR_Malloc+0x78
libnss3.so`PORT_Alloc+0x48
libssl3.so`SSL_CanBypass+0x4d0
libns-httpd40.so`int SSLSocketConfiguration::check_bypassconst+0x140
libns-httpd40.so`void SSLSocketConfiguration::enableSSLconst+0x35c
http://mxr.mozilla.org/security/source/security/nss/lib/ssl/derive.c#683
683 enc_pms.data = (unsigned char*)PORT_Alloc(enc_pms.len)
the allocation is never freed.
|
Assignee | |
Updated•18 years ago
|
Status: NEW → ASSIGNED
|
|
Assignee | |
Updated•18 years ago
|
Assignee: nobody → glen.beasley
Status: ASSIGNED → NEW
|
|
Assignee | |
Comment 1•18 years ago
|
||
Attachment #286578 -
Flags: superreview?(nelson)
Attachment #286578 -
Flags: review?(julien.pierre.boogz)
|
||
Comment 2•18 years ago
|
||
Comment on attachment 286578 [details] [diff] [review]
free data if allocated
PORT_Free tests its argument, so this additional test is
redundant. But even better is to call SECITEM_FreeItem.
Please do that.
>+ if (enc_pms.data)
>+ PORT_Free(enc_pms.data);
>+
Attachment #286578 -
Flags: superreview?(nelson) → superreview-
|
|
Assignee | |
Updated•18 years ago
|
Attachment #286578 -
Flags: review?(julien.pierre.boogz)
|
|
Assignee | |
Comment 3•18 years ago
|
||
Attachment #286578 -
Attachment is obsolete: true
Attachment #286724 -
Flags: superreview?(julien.pierre.boogz)
Attachment #286724 -
Flags: review?(nelson)
|
|
||
Comment 4•18 years ago
|
||
Comment on attachment 286724 [details] [diff] [review]
use SECITEM_FreeItem to free
r=nelson
Attachment #286724 -
Flags: review?(nelson) → review+
|
||
Updated•18 years ago
|
Attachment #286724 -
Flags: superreview?(julien.pierre.boogz) → superreview+
|
|
Assignee | |
Comment 5•18 years ago
|
||
/cvsroot/mozilla/security/nss/lib/ssl/derive.c,v <-- derive.c
new revision: 1.8; previous revision: 1.7
done
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 6•18 years ago
|
||
3_11_Branch checkin:
/cvsroot/mozilla/security/nss/lib/ssl/derive.c,v <-- derive.c
new revision: 1.3.2.3; previous revision: 1.3.2.2
done
|
|
||
Updated•18 years ago
|
Priority: -- → P2
Target Milestone: --- → 3.11.8
You need to log in
before you can comment on or make changes to this bug.
Description
•