diff options
| author | wtc%netscape.com <devnull@localhost> | 2003-09-12 19:50:27 +0000 |
|---|---|---|
| committer | wtc%netscape.com <devnull@localhost> | 2003-09-12 19:50:27 +0000 |
| commit | dac74ae013d504acc466cb31f1b0306d7cd485f4 (patch) | |
| tree | 844f13783f0a53e4f6e99d7a92775446acd685c6 | |
| parent | 1adb60ffbcd9a001e45f326c5a883c4887efbdb0 (diff) | |
| download | nss-hg-dac74ae013d504acc466cb31f1b0306d7cd485f4.tar.gz | |
Bugzilla bug 217247: improved the memory leak fix for the appData nicknames
returned by PK11_ListCerts. Instead of allocating them from the heap first
and copying to the arena, allocate them from the arena directly. r=jpierre
Modified Files: certhigh.c pk11cert.c pki3hack.h pki3hack.c
Tag: NSS_3_8_BRANCH
| -rw-r--r-- | security/nss/lib/certhigh/certhigh.c | 2 | ||||
| -rw-r--r-- | security/nss/lib/pk11wrap/pk11cert.c | 5 | ||||
| -rw-r--r-- | security/nss/lib/pki/pki3hack.c | 11 | ||||
| -rw-r--r-- | security/nss/lib/pki/pki3hack.h | 5 |
4 files changed, 15 insertions, 8 deletions
diff --git a/security/nss/lib/certhigh/certhigh.c b/security/nss/lib/certhigh/certhigh.c index 3b818d370..f9911b81c 100644 --- a/security/nss/lib/certhigh/certhigh.c +++ b/security/nss/lib/certhigh/certhigh.c @@ -418,7 +418,7 @@ CollectNicknames( NSSCertificate *c, void *data) * a duplicate */ if ( saveit ) { - nickname = STAN_GetCERTCertificateName(c); + nickname = STAN_GetCERTCertificateName(NULL, c); /* nickname can only be NULL here if we are having memory * alloc problems */ if (nickname == NULL) { diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c index 08813fd1c..2b0beee64 100644 --- a/security/nss/lib/pk11wrap/pk11cert.c +++ b/security/nss/lib/pk11wrap/pk11cert.c @@ -3370,7 +3370,7 @@ pk11ListCertCallback(NSSCertificate *c, void *arg) if (isUnique) { CERT_DupCertificate(newCert); - nickname = STAN_GetCERTCertificateName(c); + nickname = STAN_GetCERTCertificateName(certList->arena, c); /* put slot certs at the end */ if (newCert->slot && !PK11_IsInternal(newCert->slot)) { @@ -3392,7 +3392,8 @@ pk11ListCertCallback(NSSCertificate *c, void *arg) /* put the same CERTCertificate in the list for all instances */ CERT_DupCertificate(newCert); - nickname = STAN_GetCERTCertificateNameForInstance(c, instance); + nickname = STAN_GetCERTCertificateNameForInstance( + certList->arena, c, instance); /* put slot certs at the end */ if (slot && !PK11_IsInternal(slot)) { diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c index 7ee909e07..7c91d5c41 100644 --- a/security/nss/lib/pki/pki3hack.c +++ b/security/nss/lib/pki/pki3hack.c @@ -587,6 +587,7 @@ get_cert_instance(NSSCertificate *c) char * STAN_GetCERTCertificateNameForInstance ( + PLArenaPool *arenaOpt, NSSCertificate *c, nssCryptokiInstance *instance ) @@ -615,7 +616,11 @@ STAN_GetCERTCertificateNameForInstance ( } nicklen = nssUTF8_Size(stanNick, &nssrv); len = tokenlen + nicklen; - nickname = PORT_Alloc(len); + if (arenaOpt) { + nickname = PORT_ArenaAlloc(arenaOpt, len); + } else { + nickname = PORT_Alloc(len); + } nick = nickname; if (tokenName) { memcpy(nick, tokenName, tokenlen-1); @@ -629,10 +634,10 @@ STAN_GetCERTCertificateNameForInstance ( } char * -STAN_GetCERTCertificateName(NSSCertificate *c) +STAN_GetCERTCertificateName(PLArenaPool *arenaOpt, NSSCertificate *c) { nssCryptokiInstance *instance = get_cert_instance(c); - return STAN_GetCERTCertificateNameForInstance(c, instance); + return STAN_GetCERTCertificateNameForInstance(arenaOpt, c, instance); } static void diff --git a/security/nss/lib/pki/pki3hack.h b/security/nss/lib/pki/pki3hack.h index da49859e8..6e50725d3 100644 --- a/security/nss/lib/pki/pki3hack.h +++ b/security/nss/lib/pki/pki3hack.h @@ -111,10 +111,11 @@ nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der, NSSArena *arena, NSSDER *issuer, NSSDER *serial); NSS_EXTERN char * -STAN_GetCERTCertificateName(NSSCertificate *c); +STAN_GetCERTCertificateName(PLArenaPool *arenaOpt, NSSCertificate *c); NSS_EXTERN char * -STAN_GetCERTCertificateNameForInstance(NSSCertificate *c, +STAN_GetCERTCertificateNameForInstance(PLArenaPool *arenaOpt, + NSSCertificate *c, nssCryptokiInstance *instance); /* exposing this */ |