mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

fix leakage in traversal functions that convert certs to CERTCertificates

This commit is contained in:
ian.mcgreer%sun.com 2002-01-24 00:34:03 +00:00
Родитель b482961799
Коммит 82686aae13
2 изменённых файлов: 28 добавлений и 3 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

9
security/nss/lib/pk11wrap/pk11cert.c
Просмотреть файл

@ -111,7 +111,11 @@ static PRStatus convert_and_cache_cert(NSSCertificate *c, void *arg)
static void cert_destructor(void *el)
{
NSSCertificate *c = (NSSCertificate *)el;
NSSCertificate_Destroy(c);
CERTCertificate *cert = STAN_GetCERTCertificate(c);
/* It's already been obtained as a CERTCertificate, so it must
* be destroyed as one
*/
CERT_DestroyCertificate(cert);
}
void
@ -1584,6 +1588,7 @@ PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
cert->dbhandle = STAN_GetDefaultTrustDomain();
if (cert->slot == NULL) {
cert->slot = PK11_ReferenceSlot(slot);
cert->ownSlot = PR_TRUE;
if (cert->nssCertificate) {
nssCryptokiInstance *instance;
NSSCertificate *c = cert->nssCertificate;
@ -2235,7 +2240,7 @@ PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot)
if (cert->slot == NULL) {
cert->slot = PK11_ReferenceSlot(*pSlot);
cert->pkcs11ID = certHandle;
cert->ownSlot = PR_FALSE;
cert->ownSlot = PR_TRUE;
}
}

22
security/nss/lib/pki/trustdomain.c
Просмотреть файл

@ -32,7 +32,7 @@
*/
#ifdef DEBUG
static const char CVS_ID[] = "@(#) $RCSfile: trustdomain.c,v $ $Revision: 1.28 $ $Date: 2002/01/23 20:35:18 $ $Name: $";
static const char CVS_ID[] = "@(#) $RCSfile: trustdomain.c,v $ $Revision: 1.29 $ $Date: 2002/01/24 00:34:03 $ $Name: $";
#endif /* DEBUG */
#ifndef NSSPKI_H
@ -55,6 +55,10 @@ static const char CVS_ID[] = "@(#) $RCSfile: trustdomain.c,v $ $Revision: 1.28 $
#include "ckhelper.h"
#endif /* CKHELPER_H */
#ifdef NSS_3_4_CODE
#include "cert.h"
#endif
extern const NSSError NSS_ERROR_NOT_FOUND;
#define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32
@ -884,6 +888,18 @@ static PRStatus traverse_callback(NSSCertificate *c, void *arg)
}
return nssrv;
}
#ifdef NSS_3_4_CODE
static void cert_destructor_with_cache(void *el)
{
NSSCertificate *c = (NSSCertificate *)el;
CERTCertificate *cert = STAN_GetCERTCertificate(c);
/* It's already been obtained as a CERTCertificate, so it must
* be destroyed as one
*/
CERT_DestroyCertificate(cert);
}
#endif
NSS_IMPLEMENT PRStatus *
NSSTrustDomain_TraverseCertificates
@ -918,7 +934,11 @@ NSSTrustDomain_TraverseCertificates
nssrv = nssToken_TraverseCertificates(token, NULL, &search);
}
nssListIterator_Finish(td->tokens);
#ifdef NSS_3_4_CODE
nssList_Clear(certList, cert_destructor_with_cache);
#else
nssList_Clear(certList, cert_destructor);
#endif
nssList_Destroy(certList);
return NULL;
}