Closed
Bug 860925
Opened 11 years ago
Closed 9 years ago
Potential memory leaks on managing certificate using dupcert and CERT_AddCertToListTail
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: cviecco, Unassigned)
References
Details
There are two places within nsIdentityChecking.cpp where the idiom: CERT_AddCertToListTail(certList, CERT_DupCertificate($SOMECERT)); is used. This is problematic as there is no garantee that CERT_DupCertificate will actually succeed, further if the CERT_AddCertToListTail call fails there is no way do delete the temporary cert.
Comment 1•11 years ago
|
||
(In reply to Camilo Viecco (:cviecco) from comment #0) > This is problematic as there is no garantee that CERT_DupCertificate will > actually succeed You can rely on CERT_DupCertificate to always succeed. I have verified this before with the NSS team. > further if the CERT_AddCertToListTail call fails there is > no way do delete the temporary cert. Yes, this is a problem.
Comment 2•9 years ago
|
||
It doesn't look like this pattern exists anywhere within PSM anymore. AFAICT Bug 975229 removed most, if not all instances of this pattern: https://hg.mozilla.org/mozilla-central/diff/b3ebf7675c7b/security/certverifier/ExtendedValidation.cpp etc
You need to log in
before you can comment on or make changes to this bug.
Description
•