зеркало из https://github.com/mozilla/gecko-dev.git
fix leakage in traversal functions that convert certs to CERTCertificates
This commit is contained in:
Родитель
b482961799
Коммит
82686aae13
|
@ -111,7 +111,11 @@ static PRStatus convert_and_cache_cert(NSSCertificate *c, void *arg)
|
||||||
static void cert_destructor(void *el)
|
static void cert_destructor(void *el)
|
||||||
{
|
{
|
||||||
NSSCertificate *c = (NSSCertificate *)el;
|
NSSCertificate *c = (NSSCertificate *)el;
|
||||||
NSSCertificate_Destroy(c);
|
CERTCertificate *cert = STAN_GetCERTCertificate(c);
|
||||||
|
/* It's already been obtained as a CERTCertificate, so it must
|
||||||
|
* be destroyed as one
|
||||||
|
*/
|
||||||
|
CERT_DestroyCertificate(cert);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
@ -1584,6 +1588,7 @@ PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
|
||||||
cert->dbhandle = STAN_GetDefaultTrustDomain();
|
cert->dbhandle = STAN_GetDefaultTrustDomain();
|
||||||
if (cert->slot == NULL) {
|
if (cert->slot == NULL) {
|
||||||
cert->slot = PK11_ReferenceSlot(slot);
|
cert->slot = PK11_ReferenceSlot(slot);
|
||||||
|
cert->ownSlot = PR_TRUE;
|
||||||
if (cert->nssCertificate) {
|
if (cert->nssCertificate) {
|
||||||
nssCryptokiInstance *instance;
|
nssCryptokiInstance *instance;
|
||||||
NSSCertificate *c = cert->nssCertificate;
|
NSSCertificate *c = cert->nssCertificate;
|
||||||
|
@ -2235,7 +2240,7 @@ PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot)
|
||||||
if (cert->slot == NULL) {
|
if (cert->slot == NULL) {
|
||||||
cert->slot = PK11_ReferenceSlot(*pSlot);
|
cert->slot = PK11_ReferenceSlot(*pSlot);
|
||||||
cert->pkcs11ID = certHandle;
|
cert->pkcs11ID = certHandle;
|
||||||
cert->ownSlot = PR_FALSE;
|
cert->ownSlot = PR_TRUE;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifdef DEBUG
|
#ifdef DEBUG
|
||||||
static const char CVS_ID[] = "@(#) $RCSfile: trustdomain.c,v $ $Revision: 1.28 $ $Date: 2002/01/23 20:35:18 $ $Name: $";
|
static const char CVS_ID[] = "@(#) $RCSfile: trustdomain.c,v $ $Revision: 1.29 $ $Date: 2002/01/24 00:34:03 $ $Name: $";
|
||||||
#endif /* DEBUG */
|
#endif /* DEBUG */
|
||||||
|
|
||||||
#ifndef NSSPKI_H
|
#ifndef NSSPKI_H
|
||||||
|
@ -55,6 +55,10 @@ static const char CVS_ID[] = "@(#) $RCSfile: trustdomain.c,v $ $Revision: 1.28 $
|
||||||
#include "ckhelper.h"
|
#include "ckhelper.h"
|
||||||
#endif /* CKHELPER_H */
|
#endif /* CKHELPER_H */
|
||||||
|
|
||||||
|
#ifdef NSS_3_4_CODE
|
||||||
|
#include "cert.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
extern const NSSError NSS_ERROR_NOT_FOUND;
|
extern const NSSError NSS_ERROR_NOT_FOUND;
|
||||||
|
|
||||||
#define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32
|
#define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32
|
||||||
|
@ -885,6 +889,18 @@ static PRStatus traverse_callback(NSSCertificate *c, void *arg)
|
||||||
return nssrv;
|
return nssrv;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifdef NSS_3_4_CODE
|
||||||
|
static void cert_destructor_with_cache(void *el)
|
||||||
|
{
|
||||||
|
NSSCertificate *c = (NSSCertificate *)el;
|
||||||
|
CERTCertificate *cert = STAN_GetCERTCertificate(c);
|
||||||
|
/* It's already been obtained as a CERTCertificate, so it must
|
||||||
|
* be destroyed as one
|
||||||
|
*/
|
||||||
|
CERT_DestroyCertificate(cert);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
NSS_IMPLEMENT PRStatus *
|
NSS_IMPLEMENT PRStatus *
|
||||||
NSSTrustDomain_TraverseCertificates
|
NSSTrustDomain_TraverseCertificates
|
||||||
(
|
(
|
||||||
|
@ -918,7 +934,11 @@ NSSTrustDomain_TraverseCertificates
|
||||||
nssrv = nssToken_TraverseCertificates(token, NULL, &search);
|
nssrv = nssToken_TraverseCertificates(token, NULL, &search);
|
||||||
}
|
}
|
||||||
nssListIterator_Finish(td->tokens);
|
nssListIterator_Finish(td->tokens);
|
||||||
|
#ifdef NSS_3_4_CODE
|
||||||
|
nssList_Clear(certList, cert_destructor_with_cache);
|
||||||
|
#else
|
||||||
nssList_Clear(certList, cert_destructor);
|
nssList_Clear(certList, cert_destructor);
|
||||||
|
#endif
|
||||||
nssList_Destroy(certList);
|
nssList_Destroy(certList);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
Загрузка…
Ссылка в новой задаче