Last Comment Bug 425516 - need to destroy data pointed by CERTValOutParam array in case of error
: need to destroy data pointed by CERTValOutParam array in case of error
Status: RESOLVED FIXED
PKIX NSS312
:
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: 3.12
: All All
: P1 normal (vote)
: 3.12
Assigned To: Alexei Volkov
:
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-03-27 14:50 PDT by Alexei Volkov
Modified: 2008-03-31 14:07 PDT (History)
0 users
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Destroy output params in case of error (1.60 KB, patch)
2008-03-28 11:43 PDT, Alexei Volkov
nelson: review+
Details | Diff | Splinter Review

Description Alexei Volkov 2008-03-27 14:50:17 PDT
In case of returned error, a caller of CERT_PKIXVerifyCert does not expect any data to be in CERTValOutParam that otherwise would be related to "normal" execution result. It means that CERT_PKIXVerifyCert should destroy any data pointers that was set before error has occurred.
Comment 1 Alexei Volkov 2008-03-28 11:43:42 PDT
Created attachment 312327 [details] [diff] [review]
Destroy output params in case of error
Comment 2 Nelson Bolyard (seldom reads bugmail) 2008-03-31 12:29:43 PDT
Comment on attachment 312327 [details] [diff] [review]
Destroy output params in case of error

r+ with one change:

>     if (error != NULL) {
>         SECErrorCodes         nssErrorCode = 0;
> 
>+        cert_pkixDestroyValOutParam(paramsOut);
>         cert_PkixErrorToNssCode(error, &nssErrorCode, plContext);
>         PORT_SetError(nssErrorCode);
>         PKIX_PL_Object_DecRef((PKIX_PL_Object *)error, plContext);
>-        /* XXX Destroy output params in case of error. See bug 425516. */
>     }

The new function should be inserted AFTER the call to cert_PkixErrorToNssCode
and BEFORE the call to PORT_SetError.
Comment 3 Alexei Volkov 2008-03-31 14:05:36 PDT
> The new function should be inserted AFTER the call to cert_PkixErrorToNssCode
> and BEFORE the call to PORT_SetError.
Right. Thanks, Nelson. 

Comment 4 Alexei Volkov 2008-03-31 14:07:45 PDT
Patch is integrated.

Note You need to log in before you can comment on or make changes to this bug.