Last Comment Bug 417399 - Arena Allocation results are not checked in pkix_pl_InfoAccess_ParseLocation
: Arena Allocation results are not checked in pkix_pl_InfoAccess_ParseLocation
Status: RESOLVED FIXED
PKIX
:
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: unspecified
: All All
: P1 normal (vote)
: 3.12.1
Assigned To: Alexei Volkov
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-13 19:33 PST by Alexei Volkov
Modified: 2008-06-25 11:51 PDT (History)
0 users
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Patch v1 - check pointer for NULL after allocation (3.41 KB, patch)
2008-06-24 15:54 PDT, Alexei Volkov
nelson: review+
Details | Diff | Review

Description Alexei Volkov 2008-02-13 19:33:21 PST
The function also leaks memory if parsing error occurs.
Comment 1 Alexei Volkov 2008-06-24 15:54:44 PDT
Created attachment 326578 [details] [diff] [review]
Patch v1 - check pointer for NULL after allocation
Comment 2 Nelson Bolyard (seldom reads bugmail) 2008-06-24 18:11:53 PDT
Comment on attachment 326578 [details] [diff] [review]
Patch v1 - check pointer for NULL after allocation

This patch is good, as far as it goes.  While you're at it, some of these
PORT_ArenaZAlloc calls should be changed to PORT_ArenaZNewArray calls.
Please make the changes indicated below.

>-        PKIX_PL_NSSCALLRV
>-                (INFOACCESS, *tokens, PORT_ArenaZAlloc,
>-                (arena, (numFilters+1)*sizeof(void *)));
>+        filterP = PORT_ArenaZAlloc(arena, (numFilters+1)*sizeof(void *));

          filterP = PORT_ArenaZNewArray(arena, void *, numFilters+1);


>         /* Get room for null-terminated array of (LdapNameComponent *) */
>-        PKIX_PL_NSSCALLRV
>-                (INFOACCESS, v, PORT_ArenaZAlloc,
>-                (arena, len*sizeof(LDAPNameComponent *)));
>+        v = PORT_ArenaZAlloc(arena, len*sizeof(LDAPNameComponent *));
>+        if (v == NULL) {
>+            PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
>+        }
> 
>         setOfNameComponent = (LDAPNameComponent **)v;

There's no need to use a void * in the above code.
Those lines above should be:

          setOfNameComponent = 
                    PORT_ArenaZNewArray(arena, LDAPNameComponent *, len);
          if (!setOfNameComponent) 
              PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);


>         /* Get room for the remaining LdapNameComponents */
>-        PKIX_PL_NSSCALLRV
>-                (INFOACCESS, v, PORT_ArenaZNewArray,
>-                (arena, LDAPNameComponent, --len));
>+        v = PORT_ArenaZNewArray(arena, LDAPNameComponent, --len);
>+        if (v == NULL) {
>+            PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
>+        }
> 
>         nameComponent = (LDAPNameComponent *)v;

There's no need to use a void * in the above code.  
PORT_ArenaZNewArray already returns a pointer of type (LDAPNameComponent *)
so, make that code be the much clearer

          nameComponent = 
                   PORT_ArenaZNewArray(arena, LDAPNameComponent, --len);
          if (!nameComponent)
               PKIX_ERROR(PKIX_PORTARENAALLOCFAILED);
Comment 3 Alexei Volkov 2008-06-25 11:51:13 PDT
Thanks for the review. Patch and suggested changes have been integrated.

Note You need to log in before you can comment on or make changes to this bug.