diff options
| author | nelsonb%netscape.com <devnull@localhost> | 2002-10-25 22:46:48 +0000 |
|---|---|---|
| committer | nelsonb%netscape.com <devnull@localhost> | 2002-10-25 22:46:48 +0000 |
| commit | 3becfff534870d2b55507dc907d01cf2eba3a741 (patch) | |
| tree | 43d7ab5954cfbd663e10d89c0e98be7633aca50a | |
| parent | d935a22737501cf7f772731fae87c5a3e2db150f (diff) | |
| download | nss-hg-3becfff534870d2b55507dc907d01cf2eba3a741.tar.gz | |
Plug cert leak in NSS_SMIMESignerInfo_SaveSMIMEProfile. Bug 176799.
Patch contributed by Kai Engert.
| -rw-r--r-- | security/nss/lib/smime/cmssiginfo.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/security/nss/lib/smime/cmssiginfo.c b/security/nss/lib/smime/cmssiginfo.c index 5c5e934e7..a9c46d07e 100644 --- a/security/nss/lib/smime/cmssiginfo.c +++ b/security/nss/lib/smime/cmssiginfo.c @@ -879,6 +879,7 @@ NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo) CERTCertDBHandle *certdb; int save_error; SECStatus rv; + PRBool must_free_cert = PR_FALSE; certdb = CERT_GetDefaultCertDB(); @@ -900,6 +901,7 @@ NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo) cert = NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(certdb, ekp); if (cert == NULL) return SECFailure; + must_free_cert = PR_TRUE; } if (cert == NULL) { @@ -915,6 +917,8 @@ NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo) * should have already been saved */ #ifdef notdef if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) { + if (must_free_cert) + CERT_DestroyCertificate(cert); return SECFailure; } #endif @@ -939,6 +943,8 @@ NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo) } rv = CERT_SaveSMimeProfile (cert, profile, utc_stime); + if (must_free_cert) + CERT_DestroyCertificate(cert); /* * Restore the saved error in case the calls above set a new |