Closed Bug 400711 Opened 16 years ago Closed 16 years ago

SSL_CanBypass leaks memory

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Platform:
x86
All
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.11.8

People

(Reporter: glenbeasley, Assigned: glenbeasley)

Details

Attachments

(1 file, 1 obsolete file)

use SECITEM_FreeItem to free
541 bytes, patch
nelson
: review+
julien.pierre
: superreview+
Details | Diff | Splinter Review 
reported by Sun engineer Meena Vyas

libumem shows this :
umem_alloc_160 leak: 2 buffers, 160 bytes each, 320 bytes total
ADDR          BUFADDR        TIMESTAMP   THREAD  CACHE
9bbc98         9b9628   1f9d80d3d4b6f0        1  2f008    
libumem.so.1`umem_cache_alloc+0x210
libumem.so.1`umem_alloc+0x60
libumem.so.1`malloc+0x28
libnspr4.so`PR_Malloc+0x78
libnss3.so`PORT_Alloc+0x48
libssl3.so`SSL_CanBypass+0x4d0
libns-httpd40.so`int SSLSocketConfiguration::check_bypassconst+0x140
libns-httpd40.so`void SSLSocketConfiguration::enableSSLconst+0x35c


http://mxr.mozilla.org/security/source/security/nss/lib/ssl/derive.c#683
683             enc_pms.data = (unsigned char*)PORT_Alloc(enc_pms.len)

the allocation is never freed.
Status: NEW → ASSIGNED
Assignee: nobody → glen.beasley
Status: ASSIGNED → NEW
Attached patch free data if allocated (obsolete) — Splinter Review 

        Attachment #286578 -
        Flags: superreview?(nelson)

        Attachment #286578 -
        Flags: review?(julien.pierre.boogz)

    
    

    
  
Comment on attachment 286578 [details] [diff] [review]
free data  if allocated 

PORT_Free tests its argument, so this additional test is
redundant.  But even better is to call SECITEM_FreeItem.
Please do that.

>+    if (enc_pms.data)
>+       PORT_Free(enc_pms.data);
>+

        Attachment #286578 -
        Flags: superreview?(nelson) → superreview-

    
  

        Attachment #286578 -
        Flags: review?(julien.pierre.boogz)

    
    

    
  


  

        Attachment #286578 -
        Attachment is obsolete: true

        Attachment #286724 -
        Flags: superreview?(julien.pierre.boogz)

        Attachment #286724 -
        Flags: review?(nelson)

    
    

    
  
Comment on attachment 286724 [details] [diff] [review]
use SECITEM_FreeItem to free 

r=nelson

        Attachment #286724 -
        Flags: review?(nelson) → review+

    
  

        Attachment #286724 -
        Flags: superreview?(julien.pierre.boogz) → superreview+

    
    

    
  
/cvsroot/mozilla/security/nss/lib/ssl/derive.c,v  <--  derive.c
new revision: 1.8; previous revision: 1.7
done

Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED

    
    

    
  
3_11_Branch checkin:

/cvsroot/mozilla/security/nss/lib/ssl/derive.c,v  <--  derive.c
new revision: 1.3.2.3; previous revision: 1.3.2.2
done


    
  
Priority: -- → P2
Target Milestone: --- → 3.11.8

          You need to log in
          before you can comment on or make changes to this bug.