If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

crmf_copy_cert_req_msg leaks poolp if newReqMsg = PORT_ArenaZNew fails

RESOLVED FIXED in 3.12.8

Status

NSS
Libraries
P3
normal
RESOLVED FIXED
7 years ago
7 years ago

People

(Reporter: timeless, Assigned: timeless)

Tracking

({coverity, mlk})

trunk
3.12.8
coverity, mlk

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 2 obsolete attachments)

623 bytes, patch
Nelson Bolyard (seldom reads bugmail)
: review+
Details | Diff | Splinter Review
(Assignee)

Description

7 years ago
500 crmf_copy_cert_req_msg(CRMFCertReqMsg *srcReqMsg)

505     poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);

509     newReqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
510     if (newReqMsg == NULL) {
511         goto loser;

528  loser:
529     if (newReqMsg != NULL) {
530         CRMF_DestroyCertReqMsg(newReqMsg);
531     }
poolp is leaked here:
532     return NULL;
(Assignee)

Comment 1

7 years ago
Created attachment 466113 [details] [diff] [review]
patch
Assignee: nobody → timeless
Status: NEW → ASSIGNED
Attachment #466113 - Flags: review?(nelson)
(Assignee)

Comment 2

7 years ago
Created attachment 466123 [details] [diff] [review]
patch
Attachment #466113 - Attachment is obsolete: true
Attachment #466123 - Flags: review?(nelson)
Attachment #466113 - Flags: review?(nelson)
(Assignee)

Comment 3

7 years ago
Created attachment 466289 [details] [diff] [review]
with proper function name

:(, the compiler barely warned that i misspelled that function.
Attachment #466123 - Attachment is obsolete: true
Attachment #466289 - Flags: review?(nelson)
Attachment #466123 - Flags: review?(nelson)
Priority: -- → P3
Target Milestone: --- → 3.12.6
Comment on attachment 466289 [details] [diff] [review]
with proper function name

r=nelson
Attachment #466289 - Flags: review?(nelson) → review+
Checking in crmf/servget.c; new revision: 1.6; previous revision: 1.5
Target Milestone: 3.12.6 → 3.12.8
Mass checkin of Timeless's coverity fixes on 3.12 branch:

cmd/lib/secutil.c;           new revision: 1.99.2.1; previous revision: 1.99
cmd/lib/secutil.h;           new revision: 1.32.2.1; previous revision: 1.32
cmd/certutil/certutil.c;     new revision: 1.149.2.1; previous revision: 1.149
lib/certhigh/certhtml.c;     new revision: 1.8.66.1; previous revision: 1.8
lib/certhigh/certreq.c;      new revision: 1.8.56.1; previous revision: 1.8
lib/jar/jar.h;               new revision: 1.6.4.1; previous revision: 1.6
lib/smime/cmssiginfo.c;      new revision: 1.32.2.1; previous revision: 1.32
lib/pk11wrap/debug_module.c; new revision: 1.15.2.1; previous revision: 1.15
lib/crmf/servget.c;          new revision: 1.5.66.1; previous revision: 1.5
Status: ASSIGNED → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.