зеркало из https://github.com/mozilla/gecko-dev.git
fix leakage in traversal functions that convert certs to CERTCertificates
This commit is contained in:
Родитель
b482961799
Коммит
82686aae13
|
@ -111,7 +111,11 @@ static PRStatus convert_and_cache_cert(NSSCertificate *c, void *arg)
|
|||
static void cert_destructor(void *el)
|
||||
{
|
||||
NSSCertificate *c = (NSSCertificate *)el;
|
||||
NSSCertificate_Destroy(c);
|
||||
CERTCertificate *cert = STAN_GetCERTCertificate(c);
|
||||
/* It's already been obtained as a CERTCertificate, so it must
|
||||
* be destroyed as one
|
||||
*/
|
||||
CERT_DestroyCertificate(cert);
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -1584,6 +1588,7 @@ PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
|
|||
cert->dbhandle = STAN_GetDefaultTrustDomain();
|
||||
if (cert->slot == NULL) {
|
||||
cert->slot = PK11_ReferenceSlot(slot);
|
||||
cert->ownSlot = PR_TRUE;
|
||||
if (cert->nssCertificate) {
|
||||
nssCryptokiInstance *instance;
|
||||
NSSCertificate *c = cert->nssCertificate;
|
||||
|
@ -2235,7 +2240,7 @@ PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot)
|
|||
if (cert->slot == NULL) {
|
||||
cert->slot = PK11_ReferenceSlot(*pSlot);
|
||||
cert->pkcs11ID = certHandle;
|
||||
cert->ownSlot = PR_FALSE;
|
||||
cert->ownSlot = PR_TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -32,7 +32,7 @@
|
|||
*/
|
||||
|
||||
#ifdef DEBUG
|
||||
static const char CVS_ID[] = "@(#) $RCSfile: trustdomain.c,v $ $Revision: 1.28 $ $Date: 2002/01/23 20:35:18 $ $Name: $";
|
||||
static const char CVS_ID[] = "@(#) $RCSfile: trustdomain.c,v $ $Revision: 1.29 $ $Date: 2002/01/24 00:34:03 $ $Name: $";
|
||||
#endif /* DEBUG */
|
||||
|
||||
#ifndef NSSPKI_H
|
||||
|
@ -55,6 +55,10 @@ static const char CVS_ID[] = "@(#) $RCSfile: trustdomain.c,v $ $Revision: 1.28 $
|
|||
#include "ckhelper.h"
|
||||
#endif /* CKHELPER_H */
|
||||
|
||||
#ifdef NSS_3_4_CODE
|
||||
#include "cert.h"
|
||||
#endif
|
||||
|
||||
extern const NSSError NSS_ERROR_NOT_FOUND;
|
||||
|
||||
#define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32
|
||||
|
@ -884,6 +888,18 @@ static PRStatus traverse_callback(NSSCertificate *c, void *arg)
|
|||
}
|
||||
return nssrv;
|
||||
}
|
||||
|
||||
#ifdef NSS_3_4_CODE
|
||||
static void cert_destructor_with_cache(void *el)
|
||||
{
|
||||
NSSCertificate *c = (NSSCertificate *)el;
|
||||
CERTCertificate *cert = STAN_GetCERTCertificate(c);
|
||||
/* It's already been obtained as a CERTCertificate, so it must
|
||||
* be destroyed as one
|
||||
*/
|
||||
CERT_DestroyCertificate(cert);
|
||||
}
|
||||
#endif
|
||||
|
||||
NSS_IMPLEMENT PRStatus *
|
||||
NSSTrustDomain_TraverseCertificates
|
||||
|
@ -918,7 +934,11 @@ NSSTrustDomain_TraverseCertificates
|
|||
nssrv = nssToken_TraverseCertificates(token, NULL, &search);
|
||||
}
|
||||
nssListIterator_Finish(td->tokens);
|
||||
#ifdef NSS_3_4_CODE
|
||||
nssList_Clear(certList, cert_destructor_with_cache);
|
||||
#else
|
||||
nssList_Clear(certList, cert_destructor);
|
||||
#endif
|
||||
nssList_Destroy(certList);
|
||||
return NULL;
|
||||
}
|
||||
|
|
Загрузка…
Ссылка в новой задаче