Bug 1281724 - Fix various leaks in crlutil r=franziskus

author: Tim Taubert <ttaubert@mozilla.com> 2016-06-27 12:53:29 +0200
committer: Tim Taubert <ttaubert@mozilla.com> 2016-06-27 12:53:29 +0200
commit: 1de5f48487b4f9667a38ac70edcb8733d44efcae (patch)
tree: a24d3b3b616edd324aedaf5389b985da99eb0e1f /cmd/crlutil
parent: d921c74aad392af747ddf2e8043806702633a1ed (diff)
download: nss-hg-1de5f48487b4f9667a38ac70edcb8733d44efcae.tar.gz
1 files changed, 50 insertions, 20 deletions
diff --git a/cmd/crlutil/crlutil.c b/cmd/crlutil/crlutil.c
index ebfe8e6bf..aef4ea218 100644
--- a/cmd/crlutil/crlutil.c
+++ b/cmd/crlutil/crlutil.c
@@ -283,6 +283,7 @@ loser:
     if (slot) {
         PK11_FreeSlot(slot);
     }
+    SECITEM_FreeItem(&crlDER, PR_FALSE);
     return (rv);
 }
 
@@ -531,6 +532,8 @@ CreateNewCrl(PLArenaPool *arena, CERTCertDBHandle *certHandle,
     signCrl->dbhandle = certHandle;
     signCrl->crl.arena = arena;
 
+    PORT_ArenaUnmark(arena, mark);
+
     return signCrl;
 
 loser:
@@ -861,7 +864,7 @@ main(int argc, char **argv)
     int rv;
     char *nickName;
     char *url;
-    char *dbPrefix = "";
+    char *dbPrefix = PORT_Strdup("");
     char *alg = NULL;
     char *outFile = NULL;
     char *slotName = NULL;
@@ -938,11 +941,12 @@ main(int argc, char **argv)
                 break;
 
             case 'P':
-                dbPrefix = strdup(optstate->value);
+                PORT_Free(dbPrefix);
+                dbPrefix = PORT_Strdup(optstate->value);
                 break;
 
             case 'Z':
-                alg = strdup(optstate->value);
+                alg = PORT_Strdup(optstate->value);
                 break;
 
             case 'a':
@@ -954,8 +958,8 @@ main(int argc, char **argv)
                 if (!inCrlInitFile) {
                     PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading\n",
                                progName, optstate->value);
-                    PL_DestroyOptState(optstate);
-                    return -1;
+                    rv = SECFailure;
+                    goto loser;
                 }
                 break;
 
@@ -965,11 +969,11 @@ main(int argc, char **argv)
 
             case 'f':
                 pwdata.source = PW_FROMFILE;
-                pwdata.data = strdup(optstate->value);
+                pwdata.data = PORT_Strdup(optstate->value);
                 break;
 
             case 'h':
-                slotName = strdup(optstate->value);
+                slotName = PORT_Strdup(optstate->value);
                 break;
 
             case 'i':
@@ -977,17 +981,17 @@ main(int argc, char **argv)
                 if (!inFile) {
                     PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading\n",
                                progName, optstate->value);
-                    PL_DestroyOptState(optstate);
-                    return -1;
+                    rv = SECFailure;
+                    goto loser;
                 }
                 break;
 
             case 'n':
-                nickName = strdup(optstate->value);
+                nickName = PORT_Strdup(optstate->value);
                 break;
 
             case 'o':
-                outFile = strdup(optstate->value);
+                outFile = PORT_Strdup(optstate->value);
                 break;
 
             case 'p':
@@ -1004,8 +1008,8 @@ main(int argc, char **argv)
                 crlType = atoi(optstate->value);
                 if (crlType != SEC_CRL_TYPE && crlType != SEC_KRL_TYPE) {
                     PR_fprintf(PR_STDERR, "%s: invalid crl type\n", progName);
-                    PL_DestroyOptState(optstate);
-                    return -1;
+                    rv = SECFailure;
+                    goto loser;
                 }
                 break;
 
@@ -1015,16 +1019,15 @@ main(int argc, char **argv)
 
                 case 'w':
                     pwdata.source = PW_PLAINTEXT;
-                    pwdata.data = strdup(optstate->value);
+                    pwdata.data = PORT_Strdup(optstate->value);
                     break;
 
                 case 'u':
-                    url = strdup(optstate->value);
+                    url = PORT_Strdup(optstate->value);
                     break;
             }
         }
     }
-    PL_DestroyOptState(optstate);
 
     if (deleteCRL && !nickName)
         Usage(progName);
@@ -1054,7 +1057,8 @@ main(int argc, char **argv)
                                    "secmod.db", readonly ? NSS_INIT_READONLY : 0);
         if (secstatus != SECSuccess) {
             SECU_PrintPRandOSError(progName);
-            return -1;
+            rv = SECFailure;
+            goto loser;
         }
     }
 
@@ -1063,9 +1067,8 @@ main(int argc, char **argv)
     certHandle = CERT_GetDefaultCertDB();
     if (certHandle == NULL) {
         SECU_PrintError(progName, "unable to open the cert db");
-        /*ignoring return value of NSS_Shutdown() as code returns -1*/
-        (void)NSS_Shutdown();
-        return (-1);
+        rv = SECFailure;
+        goto loser;
     }
 
     CRLGEN_InitCrlGenParserLock();
@@ -1110,6 +1113,33 @@ main(int argc, char **argv)
 
     CRLGEN_DestroyCrlGenParserLock();
 
+loser:
+    PL_DestroyOptState(optstate);
+
+    if (inFile) {
+        PR_Close(inFile);
+    }
+    if (alg) {
+        PORT_Free(alg);
+    }
+    if (slotName) {
+        PORT_Free(slotName);
+    }
+    if (nickName) {
+        PORT_Free(nickName);
+    }
+    if (outFile) {
+        PORT_Free(outFile);
+    }
+    if (url) {
+        PORT_Free(url);
+    }
+    if (pwdata.data) {
+        PORT_Free(pwdata.data);
+    }
+
+    PORT_Free(dbPrefix);
+
     if (NSS_Shutdown() != SECSuccess) {
         rv = SECFailure;
     }
author	Tim Taubert <ttaubert@mozilla.com>	2016-06-27 12:53:29 +0200
committer	Tim Taubert <ttaubert@mozilla.com>	2016-06-27 12:53:29 +0200
commit	1de5f48487b4f9667a38ac70edcb8733d44efcae (patch)
tree	a24d3b3b616edd324aedaf5389b985da99eb0e1f /cmd/crlutil
parent	d921c74aad392af747ddf2e8043806702633a1ed (diff)
download	nss-hg-1de5f48487b4f9667a38ac70edcb8733d44efcae.tar.gz