Bug 133584: Fix reference leaks which prevent shutdown in NSS and in the tests.

Debug builds can verify correct operation by setting NSS_STRICT_SHUTDOWN, which will cause an assert if shutdown is called but not all the modules are freed (which means a slot, key, or cert reference has been leaked).
author: relyea%netscape.com <devnull@localhost> 2002-04-12 19:05:21 +0000
committer: relyea%netscape.com <devnull@localhost> 2002-04-12 19:05:21 +0000
commit: 06cfb9fce3ac974ddd6f90f8649c94643dd62b62 (patch)
tree: e2afae5a09e338f058b83ed7aaa90811ee68ba02 /security/nss/lib/smime
parent: 58f42841249c15477fbc8a99d256299dba10da7a (diff)
download: nss-hg-06cfb9fce3ac974ddd6f90f8649c94643dd62b62.tar.gz
3 files changed, 14 insertions, 3 deletions
diff --git a/security/nss/lib/smime/cmscinfo.c b/security/nss/lib/smime/cmscinfo.c
index 9e4a2dc5e..85756a536 100644
--- a/security/nss/lib/smime/cmscinfo.c
+++ b/security/nss/lib/smime/cmscinfo.c
@@ -78,6 +78,11 @@ NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo)
     }
     if (cinfo->bulkkey)
 	PK11_FreeSymKey(cinfo->bulkkey);
+
+    if (cinfo->ciphcx) {
+	NSS_CMSCipherContext_Destroy(cinfo->ciphcx);
+	cinfo->ciphcx = NULL;
+    }
     
     /* we live in a pool, so no need to worry about storage */
 }
diff --git a/security/nss/lib/smime/cmsencdata.c b/security/nss/lib/smime/cmsencdata.c
index 61aae96d8..fdfa0a2b9 100644
--- a/security/nss/lib/smime/cmsencdata.c
+++ b/security/nss/lib/smime/cmsencdata.c
@@ -202,8 +202,10 @@ NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd)
 SECStatus
 NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd)
 {
-    if (encd->contentInfo.ciphcx)
+    if (encd->contentInfo.ciphcx) {
 	NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx);
+	encd->contentInfo.ciphcx = NULL;
+    }
 
     /* nothing to do after data */
     return SECSuccess;
@@ -265,7 +267,10 @@ loser:
 SECStatus
 NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd)
 {
-    NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx);
+    if (encd->contentInfo.ciphcx) {
+	NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx);
+	encd->contentInfo.ciphcx = NULL;
+    }
 
     return SECSuccess;
 }
diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c
index fab7189f2..03a37cda1 100644
--- a/security/nss/lib/smime/cmssigdata.c
+++ b/security/nss/lib/smime/cmssigdata.c
@@ -540,7 +540,7 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
     count = NSS_CMSArray_Count((void**)sigd->rawCerts);
     for (i=0; i < count; i++) {
 	if (sigd->certs && sigd->certs[i]) {
-	    cert = sigd->certs[i];
+	    cert = CERT_DupCertificate(sigd->certs[i]);
 	} else {
 	    cert = CERT_FindCertByDERCert(certdb, sigd->rawCerts[i]);
 	    if (!cert) {
@@ -550,6 +550,7 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
 	}
 	rv |= CERT_VerifyCert(certdb, cert, PR_TRUE, usage, PR_Now(), 
                               NULL, NULL);
+	CERT_DestroyCertificate(cert);
     }
 
     return rv;
author	relyea%netscape.com <devnull@localhost>	2002-04-12 19:05:21 +0000
committer	relyea%netscape.com <devnull@localhost>	2002-04-12 19:05:21 +0000
commit	06cfb9fce3ac974ddd6f90f8649c94643dd62b62 (patch)
tree	e2afae5a09e338f058b83ed7aaa90811ee68ba02 /security/nss/lib/smime
parent	58f42841249c15477fbc8a99d256299dba10da7a (diff)
download	nss-hg-06cfb9fce3ac974ddd6f90f8649c94643dd62b62.tar.gz