diff options
| author | wtchang%redhat.com <devnull@localhost> | 2005-06-30 20:53:57 +0000 |
|---|---|---|
| committer | wtchang%redhat.com <devnull@localhost> | 2005-06-30 20:53:57 +0000 |
| commit | 04252937a62ccc3f81f1943a4f966e599fbd1020 (patch) | |
| tree | c75803b6dd624749085bbf155875453b1d95433a /security/nss/lib/certdb | |
| parent | dcece24b4b767095eeb81b77a25e2676620ec41e (diff) | |
| download | nss-hg-04252937a62ccc3f81f1943a4f966e599fbd1020.tar.gz | |
Bugzilla Bug 287057: fixed memory leaks in callers of cert_FindExtension.
pass NULL as the SECItem* argument if we only want to know if the extension
exists but don't need its value. r=jpierre,nelsonb.
Modified Files:
certdb/certdb.c certdb/genname.c certhigh/certhigh.c
certhigh/certhtml.c certhigh/crlv2.c certhigh/ocsp.c
Diffstat (limited to 'security/nss/lib/certdb')
| -rw-r--r-- | security/nss/lib/certdb/certdb.c | 5 | ||||
| -rw-r--r-- | security/nss/lib/certdb/genname.c | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c index d7742d83c..1f2c91e17 100644 --- a/security/nss/lib/certdb/certdb.c +++ b/security/nss/lib/certdb/certdb.c @@ -545,6 +545,7 @@ cert_GetCertType(CERTCertificate *cert) tmpitem.data = NULL; CERT_FindNSCertTypeExtension(cert, &tmpitem); + encodedExtKeyUsage.data = NULL; rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &encodedExtKeyUsage); if (rv == SECSuccess) { @@ -671,8 +672,10 @@ cert_GetCertType(CERTCertificate *cert) } } - if (extKeyUsage != NULL) { + if (encodedExtKeyUsage.data != NULL) { PORT_Free(encodedExtKeyUsage.data); + } + if (extKeyUsage != NULL) { CERT_DestroyOidSequence(extKeyUsage); } /* Assert that it is safe to cast &cert->nsCertType to "PRInt32 *" */ diff --git a/security/nss/lib/certdb/genname.c b/security/nss/lib/certdb/genname.c index 9c8d1a801..a5ac86e75 100644 --- a/security/nss/lib/certdb/genname.c +++ b/security/nss/lib/certdb/genname.c @@ -1462,6 +1462,7 @@ CERT_CompareNameSpace(CERTCertificate *cert, CERTNameConstraint *matchingConstraints; CERTCertificate *badCert = NULL; + constraintsExtension.data = NULL; rv = CERT_FindCertExtension(cert, SEC_OID_X509_NAME_CONSTRAINTS, &constraintsExtension); if (rv != SECSuccess) { @@ -1474,6 +1475,7 @@ CERT_CompareNameSpace(CERTCertificate *cert, } /* TODO: mark arena */ constraints = cert_DecodeNameConstraints(arena, &constraintsExtension); + PORT_Free(constraintsExtension.data); currentName = namesList; if (constraints == NULL) { /* decode failed */ rv = SECFailure; |