Closed
Bug 49477
Opened 25 years ago
Closed 25 years ago
CERT_OpenCertDB() leaks filename
Categories
(NSS :: Libraries, defect, P3)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.1
People
(Reporter: jgmyers, Assigned: bugz)
Details
Attachments
(2 files)
|
880 bytes,
patch
|
Details | Diff | Splinter Review | |
|
1.00 KB,
patch
|
Details | Diff | Splinter Review |
CERT_OpenCertDB() leaks the filename returned from the filename callback.
|
Reporter | |
Updated•25 years ago
|
Status: NEW → ASSIGNED
|
||
Comment 1•25 years ago
|
||
Ian, is there a duplicate for this bug?
Assignee: jgmyers → mcgreer
Status: ASSIGNED → NEW
Target Milestone: --- → 3.1
|
|
||
Updated•25 years ago
|
QA Contact: wtc → sonmi
|
|
||
Comment 2•25 years ago
|
||
|
|
||
Comment 3•25 years ago
|
||
|
|
||
Comment 4•25 years ago
|
||
This bug is similar to, but not a duplicate of, bug #39476.
Comments on the revised patch (id=15933):
1. SEC_OpenPermCertDB (called by CERT_OpenCertDB) should
free certdbname before it returns.
2. certDBFilenameCallback needs to duplicate the filename
string so that its return value can be freed by
SEC_OpenPermCertDB.
Please review the patch. Thanks.
|
Assignee | |
Comment 5•25 years ago
|
||
this looks fine to me. Thanks Wan-Teh.
|
|
||
Comment 6•25 years ago
|
||
I checked in the fix on the tip.
/cvsroot/mozilla/security/nss/lib/certdb/pcertdb.c, revision 1.4
Status: NEW → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Comment 7•25 years ago
|
||
test_cdb_name_cb() in mailnews/mime/src/mimefilt.cpp needs to be changed to
return the cert filename in malloced memory.
Same thing for CertDBFilenameCallback() in security/nss/lib/certdb/pcertdb.c
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
||
Comment 8•25 years ago
|
||
mailnews/mime/src/mimefilt.cpp is not part of NSS.
My checkin already included the change you suggested
for certDBFilenameCallback() in
security/nss/lib/certdb/pcertdb.c.
Status: REOPENED → RESOLVED
Closed: 25 years ago → 25 years ago
Resolution: --- → FIXED
|
|
||
Comment 9•25 years ago
|
||
test_kdb_name_cb() in mailnews/mime/src/mimefilt.cpp
also needs the same change.
|
||
Comment 10•25 years ago
|
||
Do any server products that use NSS also need similar changes?
|
|
Reporter | |
Comment 11•25 years ago
|
||
Possibly. This needs to be mentioned in the release notes.
|
|
||
Comment 12•25 years ago
|
||
Are CERT_OpenCertDB() and SECKEY_OpenKeyDB() typically
only called once in an application session? If so, I'd
like to propose that we back out the PORT_Free() calls
from these two functions so that we do not break existing
filename callback functions that do not return their results
in malloc'ed memory.
On the other hand, since NSS 3.1 is likely to be the first
3.x release that most products will pick up, it might be
sufficient to mention this change in the release notes.
|
|
Reporter | |
Comment 13•25 years ago
|
||
SECKEY_OpenKeyDB() already had a PORT_Free() call for the failure case, so any
existing filename callback function for that function which did not return its
results in malloc'ed memory is already broken.
All of the CERT_OpenCertDB() calls from adminsdk use functions which return
malloc'ed memory.
|
|
||
Comment 14•25 years ago
|
||
> SECKEY_OpenKeyDB() already had a PORT_Free() call for
> the failure case, so any existing filename callback function
> for that function which did not return its results in
> malloc'ed memory is already broken.
Is it possible that the failure case code has never been exercised?
|
|
Reporter | |
Comment 15•25 years ago
|
||
No, because the server I work on ran into it extremely early.
You need to log in
before you can comment on or make changes to this bug.
Description
•