CERT_FormatName leaks everything if it can't PORT_Alloc for buf

RESOLVED FIXED in 3.12.8

Status

NSS
Libraries
P3
normal
RESOLVED FIXED
8 years ago
8 years ago

People

(Reporter: timeless, Assigned: timeless)

Tracking

({coverity, memory-leak})

trunk
3.12.8
coverity, memory-leak

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

749 bytes, patch
Nelson Bolyard (seldom reads bugmail)
: review+
Details | Diff | Splinter Review
(Assignee)

Description

8 years ago
...
                email = CERT_DecodeAVAValue(&ava->value);
                if (!email) {
                        goto loser;
...
    buf = (char *)PORT_Alloc(len);
    if ( !buf ) {
        return(0);
...
loser:
...
    if ( email ) {
        SECITEM_FreeItem(email, PR_TRUE);
    }
...
    return(buf);
(Assignee)

Comment 1

8 years ago
Created attachment 465624 [details] [diff] [review]
patch
Assignee: nobody → timeless
Status: NEW → ASSIGNED
Attachment #465624 - Flags: review?(nelson)
Comment on attachment 465624 [details] [diff] [review]
patch

r=nelson, to commit later.
Attachment #465624 - Flags: review?(nelson) → review+
I'm pretty sure this function is not used by anyone anywhere, but it is 
a public exported function of the shared lib, so we can't just nuke it.
Severity: normal → minor
Priority: -- → P3
Target Milestone: --- → 3.12.8
Checking in certhigh/certhtml.c; new revision: 1.9; previous revision: 1.8
Mass checkin of Timeless's coverity fixes on 3.12 branch:

cmd/lib/secutil.c;           new revision: 1.99.2.1; previous revision: 1.99
cmd/lib/secutil.h;           new revision: 1.32.2.1; previous revision: 1.32
cmd/certutil/certutil.c;     new revision: 1.149.2.1; previous revision: 1.149
lib/certhigh/certhtml.c;     new revision: 1.8.66.1; previous revision: 1.8
lib/certhigh/certreq.c;      new revision: 1.8.56.1; previous revision: 1.8
lib/jar/jar.h;               new revision: 1.6.4.1; previous revision: 1.6
lib/smime/cmssiginfo.c;      new revision: 1.32.2.1; previous revision: 1.32
lib/pk11wrap/debug_module.c; new revision: 1.15.2.1; previous revision: 1.15
lib/crmf/servget.c;          new revision: 1.5.66.1; previous revision: 1.5
Severity: minor → normal
Status: ASSIGNED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.