diff options
author | nelsonb%netscape.com <devnull@localhost> | 2001-03-30 00:40:24 +0000 |
---|---|---|
committer | nelsonb%netscape.com <devnull@localhost> | 2001-03-30 00:40:24 +0000 |
commit | 55d91ebe35044899ee25aee68536c1417b19001b (patch) | |
tree | d0e511ae74b6b66f8559e59a5f663bc23f63cb66 | |
parent | 89495286447875156f4468e4587e71f5c95f9e7a (diff) | |
download | nss-hg-55d91ebe35044899ee25aee68536c1417b19001b.tar.gz |
Fix leak of cert reference in cert authentication callback functions.
-rw-r--r-- | security/nss/cmd/SSLsample/sslsample.c | 2 | ||||
-rw-r--r-- | security/nss/cmd/selfserv/selfserv.c | 1 | ||||
-rw-r--r-- | security/nss/cmd/strsclnt/strsclnt.c | 1 |
3 files changed, 4 insertions, 0 deletions
diff --git a/security/nss/cmd/SSLsample/sslsample.c b/security/nss/cmd/SSLsample/sslsample.c index 77c543e12..5db5aefb8 100644 --- a/security/nss/cmd/SSLsample/sslsample.c +++ b/security/nss/cmd/SSLsample/sslsample.c @@ -140,6 +140,7 @@ myAuthCertificate(void *arg, PRFileDesc *socket, /* If this is a server, we're finished. */ if (isServer || secStatus != SECSuccess) { + CERT_DestroyCertificate(cert); return secStatus; } @@ -162,6 +163,7 @@ myAuthCertificate(void *arg, PRFileDesc *socket, if (hostName) PR_Free(hostName); + CERT_DestroyCertificate(cert); return secStatus; } diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c index 16ce65cd3..4d215253b 100644 --- a/security/nss/cmd/selfserv/selfserv.c +++ b/security/nss/cmd/selfserv/selfserv.c @@ -276,6 +276,7 @@ mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, FPRINTF(stderr, "selfserv: -- SSL3: Certificate Invalid, err %d.\n%s\n", err, SECU_Strerror(err)); } + CERT_DestroyCertificate(peerCert); FLUSH; return rv; } diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c index 5a4ce56b0..3bcfb894c 100644 --- a/security/nss/cmd/strsclnt/strsclnt.c +++ b/security/nss/cmd/strsclnt/strsclnt.c @@ -213,6 +213,7 @@ mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, if (rv == SECSuccess) { fputs("strsclnt: -- SSL: Server Certificate Validated.\n", stderr); } + CERT_DestroyCertificate(peerCert); /* error, if any, will be displayed by the Bad Cert Handler. */ return rv; } |