diff options
author | relyea%netscape.com <devnull@localhost> | 2002-04-12 19:05:21 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2002-04-12 19:05:21 +0000 |
commit | 06cfb9fce3ac974ddd6f90f8649c94643dd62b62 (patch) | |
tree | e2afae5a09e338f058b83ed7aaa90811ee68ba02 /security/nss/lib/smime | |
parent | 58f42841249c15477fbc8a99d256299dba10da7a (diff) | |
download | nss-hg-06cfb9fce3ac974ddd6f90f8649c94643dd62b62.tar.gz |
Bug 133584: Fix reference leaks which prevent shutdown in NSS and in the tests.
Debug builds can verify correct operation by setting NSS_STRICT_SHUTDOWN, which
will cause an assert if shutdown is called but not all the modules are freed (which
means a slot, key, or cert reference has been leaked).
Diffstat (limited to 'security/nss/lib/smime')
-rw-r--r-- | security/nss/lib/smime/cmscinfo.c | 5 | ||||
-rw-r--r-- | security/nss/lib/smime/cmsencdata.c | 9 | ||||
-rw-r--r-- | security/nss/lib/smime/cmssigdata.c | 3 |
3 files changed, 14 insertions, 3 deletions
diff --git a/security/nss/lib/smime/cmscinfo.c b/security/nss/lib/smime/cmscinfo.c index 9e4a2dc5e..85756a536 100644 --- a/security/nss/lib/smime/cmscinfo.c +++ b/security/nss/lib/smime/cmscinfo.c @@ -78,6 +78,11 @@ NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo) } if (cinfo->bulkkey) PK11_FreeSymKey(cinfo->bulkkey); + + if (cinfo->ciphcx) { + NSS_CMSCipherContext_Destroy(cinfo->ciphcx); + cinfo->ciphcx = NULL; + } /* we live in a pool, so no need to worry about storage */ } diff --git a/security/nss/lib/smime/cmsencdata.c b/security/nss/lib/smime/cmsencdata.c index 61aae96d8..fdfa0a2b9 100644 --- a/security/nss/lib/smime/cmsencdata.c +++ b/security/nss/lib/smime/cmsencdata.c @@ -202,8 +202,10 @@ NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd) SECStatus NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd) { - if (encd->contentInfo.ciphcx) + if (encd->contentInfo.ciphcx) { NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx); + encd->contentInfo.ciphcx = NULL; + } /* nothing to do after data */ return SECSuccess; @@ -265,7 +267,10 @@ loser: SECStatus NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd) { - NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx); + if (encd->contentInfo.ciphcx) { + NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx); + encd->contentInfo.ciphcx = NULL; + } return SECSuccess; } diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c index fab7189f2..03a37cda1 100644 --- a/security/nss/lib/smime/cmssigdata.c +++ b/security/nss/lib/smime/cmssigdata.c @@ -540,7 +540,7 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd, count = NSS_CMSArray_Count((void**)sigd->rawCerts); for (i=0; i < count; i++) { if (sigd->certs && sigd->certs[i]) { - cert = sigd->certs[i]; + cert = CERT_DupCertificate(sigd->certs[i]); } else { cert = CERT_FindCertByDERCert(certdb, sigd->rawCerts[i]); if (!cert) { @@ -550,6 +550,7 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd, } rv |= CERT_VerifyCert(certdb, cert, PR_TRUE, usage, PR_Now(), NULL, NULL); + CERT_DestroyCertificate(cert); } return rv; |