summaryrefslogtreecommitdiff
path: root/security/nss/lib/libpkix
diff options
context:
space:
mode:
authoralexei.volkov.bugs%sun.com <devnull@localhost>2008-12-19 21:53:35 +0000
committeralexei.volkov.bugs%sun.com <devnull@localhost>2008-12-19 21:53:35 +0000
commit37f933b64632c5be9f1337ae69100f12f03bd7cc (patch)
tree526bd8a5df44cd1e604b1289afc3f600a7ce7597 /security/nss/lib/libpkix
parent763a210a3e86e88bab6702f751751b91010ea616 (diff)
downloadnss-hg-37f933b64632c5be9f1337ae69100f12f03bd7cc.tar.gz
470070 - Multiple object leaks reported by tinderbox. r=nelson
Diffstat (limited to 'security/nss/lib/libpkix')
-rwxr-xr-xsecurity/nss/lib/libpkix/include/pkix_errorstrings.h2
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/results/pkix_verifynode.c1
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/top/pkix_build.c20
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/pkix_list.c3
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/pkix_tools.c1
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c1
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c19
-rw-r--r--security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.c2
8 files changed, 40 insertions, 9 deletions
diff --git a/security/nss/lib/libpkix/include/pkix_errorstrings.h b/security/nss/lib/libpkix/include/pkix_errorstrings.h
index db635514d..9e7a1744f 100755
--- a/security/nss/lib/libpkix/include/pkix_errorstrings.h
+++ b/security/nss/lib/libpkix/include/pkix_errorstrings.h
@@ -55,7 +55,7 @@ PKIX_ERRORENTRY(AIAMGRGETLDAPCERTSFAILED,pkix_pl_AIAMgr_GetLDAPCerts failed,0),
PKIX_ERRORENTRY(ALGORITHMBYTESLENGTH0,Algorithm bytes length is 0,0),
PKIX_ERRORENTRY(ALLOCATENEWCERTGENERALNAMEFAILED,Allocate new CERTGeneralName failed,0),
PKIX_ERRORENTRY(AMBIGUOUSPARENTAGEOFVERIFYNODE,Ambiguous parentage of VerifyNode,0),
-PKIX_ERRORENTRY(ANCHORDIDNOTCHAINTOCERT,Anchor did not chain to Cert,0),
+PKIX_ERRORENTRY(ANCHORDIDNOTCHAINTOCERT,Anchor did not chain to Cert,SEC_ERROR_UNKNOWN_ISSUER),
PKIX_ERRORENTRY(ANCHORDIDNOTPASSCERTSELECTORCRITERIA,Anchor did not pass CertSelector criteria,0),
PKIX_ERRORENTRY(APPENDLISTFAILED,pkix_pl_AppendList failed,0),
PKIX_ERRORENTRY(ARGUMENTNOTSTRING,Argument is not a String,0),
diff --git a/security/nss/lib/libpkix/pkix/results/pkix_verifynode.c b/security/nss/lib/libpkix/pkix/results/pkix_verifynode.c
index d1bc7c290..9c6dccc93 100755
--- a/security/nss/lib/libpkix/pkix/results/pkix_verifynode.c
+++ b/security/nss/lib/libpkix/pkix/results/pkix_verifynode.c
@@ -81,7 +81,6 @@ pkix_VerifyNode_Create(
PKIX_VerifyNode *node = NULL;
PKIX_ENTER(VERIFYNODE, "pkix_VerifyNode_Create");
-
PKIX_NULLCHECK_TWO(cert, pObject);
PKIX_CHECK(PKIX_PL_Object_Alloc
diff --git a/security/nss/lib/libpkix/pkix/top/pkix_build.c b/security/nss/lib/libpkix/pkix/top/pkix_build.c
index 2394902e2..e51bee97e 100755
--- a/security/nss/lib/libpkix/pkix/top/pkix_build.c
+++ b/security/nss/lib/libpkix/pkix/top/pkix_build.c
@@ -3211,6 +3211,26 @@ cleanup:
}
fatal:
+ if (state->parentState) {
+ /* parentState in "state" object should be NULL at this point.
+ * If itn't, that means that we got fatal error(we have jumped to
+ * "fatal" label) and we should destroy all state except the top one. */
+ while (state->parentState) {
+ PKIX_Error *error = NULL;
+ PKIX_ForwardBuilderState *prntState = state->parentState;
+ /* Dumb: need to increment parentState to avoid destruction
+ * of "build constants"(they get destroyed when parentState is
+ * set to NULL. But later, need to decref to return to the
+ * previous status. */
+ PKIX_INCREF(prntState);
+ error = PKIX_PL_Object_DecRef((PKIX_PL_Object*)state, plContext);
+ if (error) {
+ PKIX_PL_Object_DecRef((PKIX_PL_Object*)error, plContext);
+ }
+ PKIX_DECREF(prntState);
+ state = prntState;
+ }
+ }
PKIX_DECREF(parentState);
PKIX_DECREF(childState);
PKIX_DECREF(valResult);
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_list.c b/security/nss/lib/libpkix/pkix/util/pkix_list.c
index 55c2d3f90..541f0fc1f 100755
--- a/security/nss/lib/libpkix/pkix/util/pkix_list.c
+++ b/security/nss/lib/libpkix/pkix/util/pkix_list.c
@@ -1277,9 +1277,10 @@ pkix_List_BubbleSort(
}
*pSortedList = sortedList;
-
+ sortedList = NULL;
cleanup:
+ PKIX_DECREF(sortedList);
PKIX_DECREF(leastObj);
PKIX_DECREF(cmpObj);
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_tools.c b/security/nss/lib/libpkix/pkix/util/pkix_tools.c
index 15122e5f6..36775dee9 100755
--- a/security/nss/lib/libpkix/pkix/util/pkix_tools.c
+++ b/security/nss/lib/libpkix/pkix/util/pkix_tools.c
@@ -1540,6 +1540,7 @@ pkix_CheckForGeneratedError(PKIX_StdVars * stdVars,
while(fnStackNameArr[pos]) {
strLen += PORT_Strlen(fnStackNameArr[pos++]) + 1;
}
+ strLen += 1; /* end of line. */
pos = 0;
errorFnStackString = PORT_ZAlloc(strLen);
while(fnStackNameArr[pos]) {
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
index eb0497d7c..4b2fa9189 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
@@ -697,6 +697,7 @@ cleanup:
PKIX_DECREF(aiaMgr->client.ldapClient);
}
+ PKIX_DECREF(certs);
PKIX_DECREF(ia);
PKIX_RETURN(AIAMGR);
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
index 8f259fadf..4089ebb85 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
@@ -304,6 +304,7 @@ pkix_pl_Cert_DecodePolicyInfo(
PKIX_LISTSETIMMUTABLEFAILED);
*pCertPolicyInfos = infos;
+ infos = NULL;
cleanup:
if (certPol) {
@@ -312,16 +313,14 @@ cleanup:
CERT_DestroyCertificatePoliciesExtension(certPol);
}
- if (PKIX_ERROR_RECEIVED){
- PKIX_DECREF(infos);
- }
-
PKIX_FREE(oidAscii);
+ PKIX_DECREF(infos);
PKIX_DECREF(pkixOID);
PKIX_DECREF(qualifiers);
PKIX_DECREF(certPolicyInfo);
PKIX_DECREF(certPolicyQualifier);
PKIX_DECREF(qualifierArray);
+
PKIX_RETURN(CERT);
}
@@ -461,6 +460,7 @@ pkix_pl_Cert_DecodePolicyMapping(
PKIX_LISTSETIMMUTABLEFAILED);
*pCertPolicyMaps = maps;
+ maps = NULL;
cleanup:
if (certPolMaps) {
@@ -471,6 +471,7 @@ cleanup:
PKIX_FREE(issuerPolicyOIDAscii);
PKIX_FREE(subjectPolicyOIDAscii);
+ PKIX_DECREF(maps);
PKIX_DECREF(issuerDomainOID);
PKIX_DECREF(subjectDomainOID);
PKIX_DECREF(certPolicyMap);
@@ -2652,6 +2653,7 @@ PKIX_PL_Cert_GetPolicyInformation(
/* save a cached copy in case it is asked for again */
cert->certPolicyInfos = policyList;
+ policyList = NULL;
}
PKIX_INCREF(cert->certPolicyInfos);
@@ -2660,6 +2662,8 @@ PKIX_PL_Cert_GetPolicyInformation(
cleanup:
PKIX_OBJECT_UNLOCK(lockedObject);
+
+ PKIX_DECREF(policyList);
PKIX_RETURN(CERT);
}
@@ -2699,14 +2703,17 @@ PKIX_PL_Cert_GetPolicyMappings(
PKIX_OBJECT_UNLOCK(cert);
/* save a cached copy in case it is asked for again */
- cert->certPolicyMappings = policyMappings;
+ cert->certPolicyMappings = policyMappings;
+ policyMappings = NULL;
}
PKIX_INCREF(cert->certPolicyMappings);
*pPolicyMappings = cert->certPolicyMappings;
-
+
cleanup:
PKIX_OBJECT_UNLOCK(lockedObject);
+
+ PKIX_DECREF(policyMappings);
PKIX_RETURN(CERT);
}
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.c
index cd0b7e055..d7705f5a0 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_certpolicymap.c
@@ -95,8 +95,10 @@ pkix_pl_CertPolicyMap_Create(
policyMap->subjectDomainPolicy = subjectDomainPolicy;
*pCertPolicyMap = policyMap;
+ policyMap = NULL;
cleanup:
+ PKIX_DECREF(policyMap);
PKIX_RETURN(CERTPOLICYMAP);
}
View Lorry Controller Status