author | Tim Taubert <ttaubert@mozilla.com> | 2016-06-27 12:53:29 +0200 |
---|---|---|
committer | Tim Taubert <ttaubert@mozilla.com> | 2016-06-27 12:53:29 +0200 |
commit | 1de5f48487b4f9667a38ac70edcb8733d44efcae (patch) | |
tree | a24d3b3b616edd324aedaf5389b985da99eb0e1f /cmd/crlutil | |
parent | d921c74aad392af747ddf2e8043806702633a1ed (diff) | |
Bug 1281724 - Fix various leaks in crlutil r=franziskus
Diffstat (limited to 'cmd/crlutil')
-rw-r--r-- | cmd/crlutil/crlutil.c | 70 |
1 files changed, 50 insertions, 20 deletions
diff --git a/cmd/crlutil/crlutil.c b/cmd/crlutil/crlutil.c index ebfe8e6bf..aef4ea218 100644 --- a/cmd/crlutil/crlutil.c +++ b/cmd/crlutil/crlutil.c @@ -283,6 +283,7 @@ loser: if (slot) { PK11_FreeSlot(slot); } + SECITEM_FreeItem(&crlDER, PR_FALSE); return (rv); } @@ -531,6 +532,8 @@ CreateNewCrl(PLArenaPool *arena, CERTCertDBHandle *certHandle, signCrl->dbhandle = certHandle; signCrl->crl.arena = arena; + PORT_ArenaUnmark(arena, mark); + return signCrl; loser: @@ -861,7 +864,7 @@ main(int argc, char **argv) int rv; char *nickName; char *url; - char *dbPrefix = ""; + char *dbPrefix = PORT_Strdup(""); char *alg = NULL; char *outFile = NULL; char *slotName = NULL; @@ -938,11 +941,12 @@ main(int argc, char **argv) break; case 'P': - dbPrefix = strdup(optstate->value); + PORT_Free(dbPrefix); + dbPrefix = PORT_Strdup(optstate->value); break; case 'Z': - alg = strdup(optstate->value); + alg = PORT_Strdup(optstate->value); break; case 'a': @@ -954,8 +958,8 @@ main(int argc, char **argv) if (!inCrlInitFile) { PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading\n", progName, optstate->value); - PL_DestroyOptState(optstate); - return -1; + rv = SECFailure; + goto loser; } break; @@ -965,11 +969,11 @@ main(int argc, char **argv) case 'f': pwdata.source = PW_FROMFILE; - pwdata.data = strdup(optstate->value); + pwdata.data = PORT_Strdup(optstate->value); break; case 'h': - slotName = strdup(optstate->value); + slotName = PORT_Strdup(optstate->value); break; case 'i': @@ -977,17 +981,17 @@ main(int argc, char **argv) if (!inFile) { PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading\n", progName, optstate->value); - PL_DestroyOptState(optstate); - return -1; + rv = SECFailure; + goto loser; } break; case 'n': - nickName = strdup(optstate->value); + nickName = PORT_Strdup(optstate->value); break; case 'o': - outFile = strdup(optstate->value); + outFile = PORT_Strdup(optstate->value); break; case 'p': 
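Review bot: The `SECITEM_FreeItem(&crlDER, PR_FALSE);` added under `loser:` in the first hunk is only safe if `crlDER.data` is NULL or a live allocation on every path that reaches the label, including failures before the CRL has been read. The declaration of `crlDER` and the start of the function are outside the hunk, so please confirm the item is zeroed before the first `goto loser`. A short comment at the declaration would keep that invariant visible, for example `/* must stay zeroed until the read succeeds; released at loser */`.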
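Review bot: `nickName` and `url` are still declared without initializers in the context of the `-861` hunk, yet the cleanup block added at the end of `main` tests `if (nickName)` and `if (url)` and is now reachable through `goto loser` from inside the option loop. If nothing between the declarations and the loop sets them to NULL (that part of `main` is not visible here), the cleanup reads indeterminate pointers and may pass them to `PORT_Free`. Writing `char *nickName = NULL;` and `char *url = NULL;` at the declaration makes the cleanup safe regardless. Separately, the result of `PORT_Strdup("")` for `dbPrefix` is not checked, and neither is the replacement in `case 'P'`, so an allocation failure leaves a NULL prefix for whatever consumes it later.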
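Review bot: Only `case 'P'` in the `-938` hunk releases the previous value before storing a new copy. `-Z` in the same hunk, and `-f`, `-h`, `-n`, `-o`, `-w` and `-u` in the later option hunks, overwrite the pointer, so an option given twice still leaks the earlier allocation. The same happens when `-f` and `-w` are combined, because both write `pwdata.data`. Following the `'P'` pattern closes this, e.g. `PORT_Free(alg); alg = PORT_Strdup(optstate->value);`, provided the pointers start out NULL. The enclosing `switch` begins and ends outside these hunks.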
@@ -1004,8 +1008,8 @@ main(int argc, char **argv) crlType = atoi(optstate->value); if (crlType != SEC_CRL_TYPE && crlType != SEC_KRL_TYPE) { PR_fprintf(PR_STDERR, "%s: invalid crl type\n", progName); - PL_DestroyOptState(optstate); - return -1; + rv = SECFailure; + goto loser; } break; @@ -1015,16 +1019,15 @@ main(int argc, char **argv) case 'w': pwdata.source = PW_PLAINTEXT; - pwdata.data = strdup(optstate->value); + pwdata.data = PORT_Strdup(optstate->value); break; case 'u': - url = strdup(optstate->value); + url = PORT_Strdup(optstate->value); break; } } } - PL_DestroyOptState(optstate); if (deleteCRL && !nickName) Usage(progName); @@ -1054,7 +1057,8 @@ main(int argc, char **argv) "secmod.db", readonly ? NSS_INIT_READONLY : 0); if (secstatus != SECSuccess) { SECU_PrintPRandOSError(progName); - return -1; + rv = SECFailure; + goto loser; } } @@ -1063,9 +1067,8 @@ main(int argc, char **argv) certHandle = CERT_GetDefaultCertDB(); if (certHandle == NULL) { SECU_PrintError(progName, "unable to open the cert db"); - /*ignoring return value of NSS_Shutdown() as code returns -1*/ - (void)NSS_Shutdown(); - return (-1); + rv = SECFailure; + goto loser; } CRLGEN_InitCrlGenParserLock(); @@ -1110,6 +1113,33 @@ main(int argc, char **argv) CRLGEN_DestroyCrlGenParserLock(); +loser: + PL_DestroyOptState(optstate); + + if (inFile) { + PR_Close(inFile); + } + if (alg) { + PORT_Free(alg); + } + if (slotName) { + PORT_Free(slotName); + } + if (nickName) { + PORT_Free(nickName); + } + if (outFile) { + PORT_Free(outFile); + } + if (url) { + PORT_Free(url); + } + if (pwdata.data) { + PORT_Free(pwdata.data); + } + + PORT_Free(dbPrefix); + if (NSS_Shutdown() != SECSuccess) { rv = SECFailure; } |
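Review bot: The cleanup added at `loser:` releases `pwdata.data` with plain `PORT_Free`, so when `-w` was used the heap copy of the plaintext password stays intact in freed memory. `PORT_ZFree(pwdata.data, PORT_Strlen(pwdata.data));` would clear it before release. The block closes `inFile` but shows no matching close for `inCrlInitFile`, which the option loop also opens. The block is also reached by `goto loser` from paths that run before NSS is initialised, so `NSS_Shutdown()` is called on an uninitialised library there. That presumably only returns failure, with `rv` already `SECFailure`, but a comment such as `/* also reached before NSS init; NSS_Shutdown() failure is expected then */` would document it. `main` starts and ends outside this hunk.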