Closed
Bug 518446
Opened 15 years ago
Closed 15 years ago
PK11_DEREncodePublicKey leaks a CERTSubjectPublicKeyInfo
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.5
People
(Reporter: wtc, Assigned: wtc)
References
Details
(Keywords: memory-leak)
Attachments
(2 files, 1 obsolete file)
|
1.18 KB,
patch
|
rrelyea
:
review+
|
Details | Diff | Splinter Review |
|
1.84 KB,
patch
|
rrelyea
:
review+
|
Details | Diff | Splinter Review |
PK11_DEREncodePublicKey creates a CERTSubjectPublicKeyInfo object but forgets to destroy it. This is found by running valgrind: 11:38:29 memcheck_analyze.py [ERROR] Leak_DefinitelyLost 2,195 (36 direct, 2,159 indirect) bytes in 1 blocks are definitely lost in loss record 808 of 819 calloc (ome/chrome-bot/valgrind-20090715/coregrind/m_replacemalloc/vg_replace_malloc.c:415) PR_Calloc (ild/buildd/nspr-4.7.1+1.9/mozilla/nsprpub/pr/src/malloc/prmem.c:474) PORT_ZAlloc_Util (ild/buildd/nss-3.12.0.3/mozilla/security/nss/lib/util/secport.c:140) PORT_NewArena_Util (ild/buildd/nss-3.12.0.3/mozilla/security/nss/lib/util/secport.c:198) SECKEY_CreateSubjectPublicKeyInfo (ild/buildd/nss-3.12.0.3/mozilla/security/nss/lib/cryptohi/seckey.c:1787) PK11_DEREncodePublicKey (ild/buildd/nss-3.12.0.3/mozilla/security/nss/lib/pk11wrap/pk11akey.c:1575)
Attachment #402443 -
Flags: review?(rrelyea)
|
Assignee | |
Comment 1•15 years ago
|
||
Remove a redundant NULL check. Just rely on SECKEY_CreateSubjectPublicKeyInfo, which not only does a NULL check but also sets the SEC_ERROR_INVALID_ARGS error code.
Attachment #402443 -
Attachment is obsolete: true
Attachment #402455 -
Flags: review?(rrelyea)
Attachment #402443 -
Flags: review?(rrelyea)
|
|
Assignee | |
Comment 2•15 years ago
|
||
Memory leaks are less serious in cmd, so I don't want to waste your precious time reviewing this patch. Feel free to ignore this patch.
|
||
Comment 3•15 years ago
|
||
Wan-Teh, as you know, we have Tinderboxes that run continuous memory leak tests. When they find a memory leak, Slavo files a bug on it, and enters an entry into the file of "ignored" leak stacks. Now I wonder which of the following explains the leak reported in this bug. a) this is a duplicate of a reported and presently ignored leak. b) this is a leak that is not detected by our tinderbox leak tests. (why not?) c) other?
|
|
Assignee | |
Comment 4•15 years ago
|
||
MXR shows that PK11_DEREncodePublicKey is only used by JSS: http://mxr.mozilla.org/security/ident?i=PK11_DEREncodePublicKey http://mxr.mozilla.org/mozilla-central/ident?i=PK11_DEREncodePublicKey That's why our Tinderboxes can't detect this memory leak.
|
||
Comment 5•15 years ago
|
||
Comment on attachment 402455 [details] [diff] [review] Proposed patch v2 r+ rrelyea
Attachment #402455 -
Flags: review?(rrelyea) → review+
|
|
||
Comment 6•15 years ago
|
||
Comment on attachment 402457 [details] [diff] [review] Fix similar problems in cmd r+ rrelyea Let's fix the command leaks as well.
Attachment #402457 -
Flags: review+
|
|
Assignee | |
Comment 7•15 years ago
|
||
I checked in the patches on the NSS trunk (NSS 3.12.5). Checking in pk11akey.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11akey.c,v <-- pk11akey.c new revision: 1.28; previous revision: 1.27 done Checking in certutil.c; /cvsroot/mozilla/security/nss/cmd/certutil/certutil.c,v <-- certutil.c new revision: 1.147; previous revision: 1.146 done Checking in certgen.c; /cvsroot/mozilla/security/nss/cmd/signtool/certgen.c,v <-- certgen.c new revision: 1.14; previous revision: 1.13 done
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•