diff options
author | nelsonb%netscape.com <devnull@localhost> | 2005-11-15 23:40:18 +0000 |
---|---|---|
committer | nelsonb%netscape.com <devnull@localhost> | 2005-11-15 23:40:18 +0000 |
commit | c9a0a9fc84a64a6d97e3f483b6d908324e0b84c1 (patch) | |
tree | 867ef324ff485688ac8c4a3c228988a0bd4a7279 | |
parent | 93a621cbf0b5e9355197fa283a22f75194ce86c8 (diff) | |
download | nss-hg-c9a0a9fc84a64a6d97e3f483b6d908324e0b84c1.tar.gz |
Eliminate leak and heap buffer overrun. Bug 315994. r=julien, sr=rrelyea
-rw-r--r-- | security/nss/cmd/pwdecrypt/pwdecrypt.c | 27 |
1 files changed, 6 insertions, 21 deletions
diff --git a/security/nss/cmd/pwdecrypt/pwdecrypt.c b/security/nss/cmd/pwdecrypt/pwdecrypt.c index febb91a0f..5d96ba210 100644 --- a/security/nss/cmd/pwdecrypt/pwdecrypt.c +++ b/security/nss/cmd/pwdecrypt/pwdecrypt.c @@ -317,8 +317,8 @@ main (int argc, char **argv) free(dataString); continue; } - result.data = malloc(inText->len+1); - result.len = inText->len+1; + result.data = NULL; + result.len = 0; rv = PK11SDR_Decrypt(inText, &result, NULL); SECITEM_FreeItem(inText, PR_TRUE); if (rv != SECSuccess) { @@ -330,12 +330,12 @@ main (int argc, char **argv) } fputs(dataString,outFile); free(dataString); - free(result.data); + SECITEM_ZfreeItem(&result, PR_FALSE); continue; } - result.data[result.len] = 0; - fputs(result.data,outFile); - free(result.data); + /* result buffer has no extra space for a NULL */ + fprintf(outFile, "%.*s", result.len, result.data); + SECITEM_ZfreeItem(&result, PR_FALSE); } else { putc(c,outFile); } @@ -356,18 +356,3 @@ prdone: PR_Cleanup (); return retval; } - - - - - - - - - - - - - - - |